Skip to main content
CVE-2022-1798 MEDIUM POC This Month

A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Kubevirt
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-40738 MEDIUM POC This Month

An issue was discovered in Bento4 through 1.6.0-639. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Bento4
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-40737 MEDIUM POC This Month

An issue was discovered in Bento4 through 1.6.0-639. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Bento4
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-40736 MEDIUM POC This Month

An issue was discovered in Bento4 1.6.0-639. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-3224 MEDIUM POC PATCH This Month

Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Parse Url
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-40306 MEDIUM POC This Month

The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) before 5.5.2 (July 2023) performs expensive RSA key-generation operations, which allows attackers to cause a denial of. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Printanista Managed Print Service
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2022-39215 MEDIUM POC PATCH This Month

Tauri is a framework for building binaries for all major desktop platforms. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Tauri
NVD GitHub
CVSS 3.1
5.8
EPSS
0.8%
CVE-2022-38334 MEDIUM POC This Month

XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Xpdf
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-38890 MEDIUM POC This Month

Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nginx Information Disclosure Buffer Overflow Njs
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38851 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38850 MEDIUM POC This Month

The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config () of llibmpcodecs/vf_scale.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mencoder Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38600 MEDIUM POC This Month

Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mplayer
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-38865 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38864 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38863 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38861 MEDIUM POC This Month

The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38860 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38858 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38856 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38855 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-38853 MEDIUM POC This Month

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-3222 MEDIUM POC PATCH This Month

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-38814 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the auth_settings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS An5506 02 B Firmware
NVD
CVSS 3.1
5.4
EPSS
2.5%
CVE-2022-3211 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Pimcore
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-38788 MEDIUM POC This Month

An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nokia Fastmile 5G Receiver Firmware
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-39209 MEDIUM PATCH This Month

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Cmark Gfm Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
1.6%
CVE-2022-29649 MEDIUM This Month

Qsmart Next v4.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Qsmart Next
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-31735 MEDIUM PATCH This Month

OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Openam
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-38866 MEDIUM This Month

Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Mencoder Mplayer Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-2472 MEDIUM This Month

Improper Initialization vulnerability in the local server component of EZVIZ CS-C6N-A0-1C2WFR allows a local attacker to read the contents of the memory space containing the encrypted admin password. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cs C6N A0 1C2Wfr Firmware
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-27561 MEDIUM PATCH This Month

There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Traveler
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-36075 MEDIUM PATCH This Month

Nextcloud files access control is a nextcloud app to manage access control for files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Files Access Control
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy