Skip to main content
CVE-2022-37178 HIGH POC This Week

An issue was discovered in 72crm 9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Wukong Crm
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36633 HIGH POC PATCH THREAT This Week

Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Teleport
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
49.5%
CVE-2022-32893 HIGH KEV THREAT This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Safari +7
NVD
CVSS 3.1
8.8
EPSS
9.8%
CVE-2022-2234 HIGH PATCH This Week

An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Mypro
NVD
CVSS 3.1
8.8
EPSS
41.5%
CVE-2022-37333 HIGH PATCH This Week

SQL injection vulnerability in the Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi Exment Laravel Admin
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-38132 HIGH This Week

Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Linksys Command Injection Mr8300 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-34838 HIGH This Week

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Abb Zenon
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2022-34836 HIGH This Week

Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Abb Path Traversal Zenon
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2022-32894 HIGH KEV THREAT This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +3
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2022-32840 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Privilege Escalation Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-32837 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple Buffer Overflow Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-32813 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +5
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32812 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-32811 HIGH This Week

A memory corruption vulnerability was addressed with improved locking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-32810 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-2978 HIGH This Week

A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Linux Denial Of Service Use After Free Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32793 HIGH This Week

Multiple out-of-bounds write issues were addressed with improved bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple Buffer Overflow Ipados Iphone Os +4
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-27812 HIGH This Week

Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-25903 HIGH PATCH This Week

The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow Opcua
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-24375 HIGH PATCH This Week

The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Node Opcua
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy