Skip to main content
CVE-2022-38034 HIGH PATCH This Week

Windows Workstation Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2022-38031 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-38016 HIGH PATCH This Week

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-37982 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-37976 HIGH PATCH This Week

Active Directory Certificate Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2022-37975 HIGH PATCH This Week

Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-34427 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2022-34426 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-32492 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Bios
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-32486 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Bios
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-41665 HIGH PATCH This Week

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions <. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware +33
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-40182 HIGH PATCH This Week

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Google Privilege Escalation Desigo Pxm30 1 Firmware Desigo Pxm30 E Firmware Desigo Pxm40 1 Firmware +7
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-38371 HIGH PATCH This Week

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Nucleus Net Nucleus Readystart V3 Nucleus Source Code Apogee Modular Building Controller Firmware +17
NVD
CVSS 4.0
8.7
EPSS
1.3%
CVE-2022-31766 HIGH This Week

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Siemens Ruggedcom Rm1224 Firmware Scalance M804Pb Firmware Scalance M812 1 Firmware +13
NVD
CVSS 3.1
8.6
EPSS
1.0%
CVE-2022-40181 HIGH PATCH This Week

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Desigo Pxm30 1 Firmware Desigo Pxm30 E Firmware Desigo Pxm40 1 Firmware Desigo Pxm40 E Firmware +6
NVD
CVSS 3.1
8.3
EPSS
0.8%
CVE-2022-34432 HIGH PATCH This Week

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Dell Command Injection Hybrid Client
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-41081 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft RCE Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2022-38047 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-38000 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2022-33634 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-30198 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-24504 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-22035 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2022-40226 HIGH PATCH This Week

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions <. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Session Fixation 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware +33
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2022-40179 HIGH PATCH This Week

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Desigo Pxm30 1 Firmware Desigo Pxm30 E Firmware Desigo Pxm40 1 Firmware Desigo Pxm40 E Firmware +6
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2022-40176 HIGH PATCH This Week

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Desigo Pxm30 1 Firmware Desigo Pxm30 E Firmware Desigo Pxm40 1 Firmware Desigo Pxm40 E Firmware +6
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2022-42717 HIGH PATCH This Week

An issue was discovered in Hashicorp Packer before 2.3.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Hashicorp Vagrant
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-41202 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41201 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41200 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41199 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41198 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41197 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-41196 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41195 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41194 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-41193 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41192 HIGH This Week

Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41191 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41190 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41189 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41188 HIGH This Week

Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41187 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41186 HIGH This Week

Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41185 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, MataiPersistence.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41184 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41180 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41179 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JtTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41177 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41175 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.8%
Prev Page 2 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy