Skip to main content
CVE-2022-37201 HIGH POC This Week

JFinal CMS 5.1.0 is vulnerable to SQL Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jfinal Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-37207 HIGH POC This Week

JFinal CMS 5.1.0 is affected by: SQL Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jfinal Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-3221 HIGH POC PATCH This Week

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-38862 HIGH POC This Week

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-39213 HIGH POC PATCH This Week

go-cvss is a Go module to manipulate Common Vulnerability Scoring System (CVSS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Go Cvss
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-38535 HIGH POC This Week

TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection A720R Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
1.7%
CVE-2022-38534 HIGH POC This Week

TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection A720R Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
1.7%
CVE-2022-38595 HIGH POC This Week

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Church Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-38594 HIGH POC This Week

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Church Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-38323 HIGH POC This Week

Event Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /Royal_Event/update_image.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Event Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-29240 HIGH PATCH This Week

Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Apache Information Disclosure Scylla
NVD GitHub
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-40663 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40662 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-40661 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Heap Overflow Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-40660 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Heap Overflow Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-40659 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-40658 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-40657 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-40656 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 13.2.0.21165. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-40655 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Heap Overflow Buffer Overflow Nis Elements Viewer
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-40654 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40653 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40652 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40651 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-40650 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40649 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40648 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-40647 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40646 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40645 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40644 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40643 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40642 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40641 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40640 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40639 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40638 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-40637 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40636 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Buffer Overflow Spaceclaim
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-36074 HIGH PATCH This Week

Nextcloud server is an open source personal cloud product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-37260 HIGH This Week

A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the input variable in main.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Steal
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-37262 HIGH This Week

A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Steal
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-3001 HIGH This Week

This vulnerability exists in Milesight Video Management Systems (VMS), all firmware versions prior to 40.7.0.79-r1, due to improper input handling at camera’s web-based management interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Video Management Systems Firmware
NVD
CVSS 3.1
7.5
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy