Skip to main content
CVE-2022-1628 MEDIUM PATCH This Month

The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting in versions up to, and including 1.7.91, due to insufficient sanitization or escaping on the SEO. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Simple Seo
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-1522 MEDIUM This Month

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 3D A1000 Dimensioning System Firmware
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-32277 MEDIUM This Month

Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Matrix
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-36032 MEDIUM PATCH This Month

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Http
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-2939 MEDIUM PATCH This Month

The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure WordPress PHP Wp Cerber Security Anti Spam Malware Scan
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-23690 MEDIUM This Month

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-36057 MEDIUM PATCH This Month

Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Discourse Chat
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-34656 MEDIUM This Month

Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Poll Survey Questionnaire And Voting System
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-26463 MEDIUM This Month

In vow, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-26462 MEDIUM This Month

In vow, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-26459 MEDIUM This Month

In vow, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-26456 MEDIUM This Month

In vow, there is a possible information disclosure due to a symbolic link following. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-35913 MEDIUM This Month

Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Samourai
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-33177 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WPdevelop/Oplugins Booking Calendar plugin <= 9.2.1 at WordPress leading to Translations Update. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Booking Calendar
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23689 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23688 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23687 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23686 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy