Skip to main content
CVE-2022-35699 HIGH PATCH This Week

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption RCE Adobe Buffer Overflow Bridge
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-29908 HIGH This Week

The folioupdate service in Fabasoft Cloud Enterprise Client 22.4.0043 allows Local Privilege Escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Fabasoft Cloud Enterprise Client
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-40608 HIGH This Week

IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft IBM Path Traversal Spectrum Protect Plus
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-40141 HIGH PATCH This Week

A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Trend Micro Apex One
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-38333 HIGH This Week

Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Openwrt
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-40143 HIGH PATCH This Week

A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers could allow a local attacker to abuse an insecure directory that could. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

RCE Trend Micro Privilege Escalation Apex One
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2022-40139 HIGH KEV PATCH THREAT This Week

Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Trend Micro Apex One
NVD
CVSS 3.1
7.2
EPSS
3.1%
CVE-2022-38341 HIGH PATCH This Week

Safe Software FME Server v2021.2.5 and below does not employ server-side validation. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Fme Server
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2022-40715 MEDIUM This Month

An issue was discovered in NOKIA 1350OMS R14.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Nokia 1350 Optical Management System
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-40713 MEDIUM This Month

An issue was discovered in NOKIA 1350OMS R14.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Nokia 1350 Optical Management System
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-38339 MEDIUM This Month

Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Fme Server
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-40714 MEDIUM This Month

An issue was discovered in NOKIA 1350OMS R14.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Nokia 1350 Optical Management System
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-40712 MEDIUM This Month

An issue was discovered in NOKIA 1350OMS R14.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Nokia 1350 Optical Management System
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-40234 MEDIUM This Month

Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure IBM Spectrum Protect Plus
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2022-40140 MEDIUM PATCH This Month

An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Trend Micro Apex One
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-3213 MEDIUM PATCH This Month

A heap buffer overflow issue was found in ImageMagick. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Imagemagick Extra Packages For Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2022-37348 MEDIUM PATCH This Month

Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Trend Micro Buffer Overflow Security
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-37347 MEDIUM PATCH This Month

Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Trend Micro Buffer Overflow Security
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-38425 MEDIUM PATCH This Month

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Denial Of Service Adobe Use After Free Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-35709 MEDIUM PATCH This Month

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Denial Of Service Adobe Use After Free Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-40778 MEDIUM This Month

A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Metadefender
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-29835 MEDIUM This Month

WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Wd Discovery
NVD
CVSS 3.1
5.3
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy