Skip to main content
CVE-2022-3012 HIGH POC This Week

A vulnerability was found in oretnom23 Fast Food Ordering System. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fast Food Ordering System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-38794 HIGH POC This Week

Zaver through 2020-12-15 allows directory traversal via the GET /.. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Zaver
NVD GitHub
CVSS 3.1
7.5
EPSS
3.6%
CVE-2022-3014 MEDIUM POC This Month

A vulnerability classified as problematic was found in SourceCodester Simple Task Managing System. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Simple Task Managing System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-38792 CRITICAL PATCH Act Now

The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Exotel
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-3013 CRITICAL Act Now

A vulnerability classified as critical has been found in SourceCodester Simple Task Managing System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Simple Task Managing System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2022-3015 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Fast Food Ordering System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-38791 MEDIUM This Month

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure MariaDB Fedora
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-2787 MEDIUM PATCH This Month

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Schroot Debian Linux
NVD
CVSS 3.1
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy