Skip to main content
CVE-2022-36804 HIGH POC KEV PATCH THREAT Act Now

Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Atlassian Command Injection Bitbucket
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
99.1%
CVE-2022-36721 HIGH POC This Week

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Textbook parameter at /admin/modify.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36720 HIGH POC This Week

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/modify1.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36703 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36701 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36700 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36699 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36698 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-31269 HIGH POC This Week

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Emerge E3 Firmware
NVD GitHub
CVSS 3.1
8.2
EPSS
5.1%
CVE-2022-2997 HIGH POC PATCH This Week

Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Session Fixation Snipe It
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2022-2982 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0260. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-37824 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37823 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37822 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37821 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37820 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37819 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37818 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37817 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37084 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37083 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37082 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37081 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37080 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37079 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2022-37078 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Command Injection Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-37077 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser parameter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36455 HIGH POC This Week

TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A3600r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37076 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37075 HIGH POC This Week

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37074 HIGH POC This Week

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36510 HIGH POC THREAT This Week

H3C GR2200 MiniGR1A0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gr2200 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
12.3%
CVE-2022-36509 HIGH POC THREAT This Week

H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gr3200 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
12.3%
CVE-2022-36508 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36507 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddWlanMacList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36506 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMacAccessMode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36505 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36504 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36503 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateMacClone. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36502 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateWanParams. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36501 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateSnat. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36500 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditWlanMacList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36499 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function DEleteusergroup. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36498 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36497 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36496 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMobileAPInfoById. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-36495 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function addactionlist. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36494 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function edditactionlist. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36493 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36492 HIGH POC This Week

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddMacList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic Nx18 Plus Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy