Skip to main content
CVE-2022-36491 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateIpv6Params. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36490 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditMacList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36489 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EnableIpv6. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36488 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36487 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-36486 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-36485 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-36484 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36483 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36482 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Command Injection Buffer Overflow N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-36481 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2022-36480 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36479 HIGH POC This Week

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N350Rt Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-36478 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36477 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddWlanMacList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36475 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36474 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function WlanWpsSet. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36473 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36472 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMobileAPInfoById. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36471 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMacAccessMode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36470 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36469 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36468 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36467 HIGH POC This Week

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function EditMacList.d. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow B5 Mini Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36466 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36465 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36464 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36463 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36462 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36461 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2022-36460 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-36459 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-36458 HIGH POC This Week

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A3700r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-36456 HIGH POC This Week

TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A720R Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-2255 HIGH POC PATCH This Week

A vulnerability was found in mod_wsgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mod Wsgi Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-36119 HIGH This Week

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Blue Prism
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-20921 HIGH This Week

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote attacker to elevate privileges on an affected device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Aci Multi Site Orchestrator
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-20824 HIGH This Week

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow RCE Stack Overflow +141
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-32744 HIGH PATCH This Week

A flaw was found in Samba. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Samba
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-2031 HIGH This Week

A flaw was found in Samba. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Samba
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-32427 HIGH This Week

PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Path Traversal Windows Client
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-20823 HIGH This Week

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow Nexus 3016 Firmware Nexus 3016Q Firmware +144
NVD
CVSS 3.1
8.6
EPSS
1.0%
CVE-2022-32745 HIGH PATCH This Week

A flaw was found in Samba. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Samba
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-2465 HIGH PATCH This Week

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Rockwell Deserialization RCE Isagraf Workbench
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-2464 HIGH PATCH This Week

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Rockwell Path Traversal Isagraf Workbench
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-2463 HIGH PATCH This Week

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Rockwell Path Traversal Isagraf Workbench
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-0135 HIGH PATCH This Week

An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption RCE Denial Of Service Buffer Overflow Virglrenderer +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-22728 HIGH This Week

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Denial Of Service Buffer Overflow Libapreq2 Fedora +1
NVD
CVSS 3.1
7.5
EPSS
4.7%
CVE-2022-36115 HIGH This Week

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Blue Prism
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2022-2959 HIGH PATCH This Week

A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). Rated high severity (CVSS 7.0).

Linux Denial Of Service Linux Kernel
NVD GitHub
CVSS 3.1
7.0
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy