Skip to main content
CVE-2022-37418 MEDIUM POC This Month

The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote attackers to perform unlock operations and force a resynchronization after. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Nissan Firmware Kia Firmware Hyundai Firmware
NVD VulDB
CVSS 3.1
6.4
EPSS
2.0%
CVE-2022-37305 MEDIUM POC This Month

The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows remote attackers to perform unlock operations and force a resynchronization after capturing five. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Honda Firmware
NVD
CVSS 3.1
6.4
EPSS
0.9%
CVE-2022-36945 MEDIUM POC This Month

The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows remote attackers to perform unlock operations and force a resynchronization after capturing three. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Mazda Firmware
NVD
CVSS 3.1
6.4
EPSS
0.9%
CVE-2022-37153 MEDIUM POC This Month

An issue was discovered in Artica Proxy 4.30.000000. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Artica Proxy
NVD GitHub
CVSS 3.1
6.1
EPSS
1.4%
CVE-2018-14519 MEDIUM POC This Month

An issue was discovered in Kirby 2.5.12. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Kirby
NVD Exploit-DB VulDB
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-4040 MEDIUM PATCH This Month

A flaw was found in AMQ Broker. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Amq Broker Artemis
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
8.8%
CVE-2022-34837 MEDIUM This Month

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Abb Zenon
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2022-2569 MEDIUM PATCH This Month

The affected device stores sensitive information in cleartext, which may allow an authenticated user to access session data stored in the OAuth database belonging to legitimate users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Pcvue
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-32838 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2022-32834 MEDIUM This Month

An access issue was addressed with improvements to the sandbox. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2022-33172 MEDIUM PATCH This Month

de.fac2 1.34 allows bypassing the User Presence protection mechanism when there is malware on the victim's PC. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass De Fac2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-38089 MEDIUM PATCH This Month

Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Exment Laravel Admin
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-38080 MEDIUM PATCH This Month

Reflected cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Exment Laravel Admin
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-32857 MEDIUM This Month

This issue was addressed by using HTTPS when sending information over the network. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy