Skip to main content
CVE-2022-38038 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-38037 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-38003 HIGH PATCH This Week

Windows Resilient File System Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-37999 HIGH PATCH This Week

Windows Group Policy Preference Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-37997 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-37995 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-37994 HIGH PATCH This Week

Windows Group Policy Preference Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-37993 HIGH PATCH This Week

Windows Group Policy Preference Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-37991 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-37990 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-37989 HIGH PATCH This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
9.3%
CVE-2022-37988 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-37987 HIGH PATCH This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
9.7%
CVE-2022-37986 HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-37984 HIGH PATCH This Week

Windows WLAN Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-37983 HIGH PATCH This Week

Microsoft DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2019 +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-37980 HIGH PATCH This Week

Windows DHCP Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-37979 HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8).

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-37970 HIGH PATCH This Week

Windows DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2019 +1
NVD
CVSS 3.1
7.8
EPSS
9.7%
CVE-2022-33635 HIGH PATCH This Week

Windows GDI+ Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-41851 HIGH PATCH This Week

A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Information Disclosure Jt Open Toolkit Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-38465 HIGH This Week

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Simatic Et 200 Sp Open Controller Cpu 1515Sp Pc2 Firmware Simatic Et 200 Sp Open Controller Cpu 1515Sp Pc Firmware Simatic Drive Controller Cpu 1504D Tf Firmware Simatic Drive Controller Cpu 1507D Tf Firmware +41
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-37864 HIGH PATCH This Week

A vulnerability has been identified in Solid Edge (All Versions < SE2022MP9). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-37998 HIGH PATCH This Week

Windows Local Session Manager (LSM) Denial of Service Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Denial Of Service Windows 10 Windows 11 Windows Server 2022
NVD
CVSS 3.1
7.7
EPSS
2.8%
CVE-2022-37973 HIGH PATCH This Week

Windows Local Session Manager (LSM) Denial of Service Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Denial Of Service Windows 10 Windows 11 Windows Server 2022
NVD
CVSS 3.1
7.7
EPSS
2.8%
CVE-2022-39013 HIGH This Week

Under certain conditions an authenticated attacker can get access to OS credentials. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Business Objects Business Intelligence Platform
NVD
CVSS 3.1
7.6
EPSS
0.6%
CVE-2022-40227 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Hmi Comfort Panels Firmware Simatic Hmi Ktp400 Basic Firmware Simatic Hmi Ktp700 Basic Firmware Simatic Hmi Ktp900 Basic Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2022-39802 HIGH This Week

SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Path Traversal SAP Manufacturing Execution
NVD
CVSS 3.1
7.5
EPSS
6.4%
CVE-2022-38138 HIGH This Week

The Triangle Microworks IEC 61850 Library (Any client or server using the C language library with a version number of 11.2.0 or earlier and any client or server using the C++, C#, or Java language. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Java Iec 60870 6 Software Library Iec 61850 Software Library
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20418 HIGH PATCH This Week

In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Google Information Disclosure Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20410 HIGH PATCH This Week

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Google Information Disclosure Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-38046 HIGH PATCH This Week

Web Account Manager Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Windows 10 Windows 11 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-38041 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-38036 HIGH PATCH This Week

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Windows 11 Windows Server 2022
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-37978 HIGH PATCH This Week

Windows Active Directory Certificate Services Security Feature Bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft Authentication Bypass Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-37599 HIGH PATCH This Week

A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Loader Utils
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-34689 HIGH PATCH This Week

Windows CryptoAPI Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
37.9%
CVE-2022-33645 HIGH PATCH This Week

Windows TCP/IP Driver Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2022-39296 HIGH PATCH This Week

MelisAssetManager provides deliveries of Melis Platform's assets located in every module's public folder. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Melis Asset Manager
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-34430 HIGH PATCH This Week

Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Hybrid Client
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-39271 HIGH PATCH This Week

Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Traefik
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-36362 HIGH PATCH This Week

A vulnerability has been identified in LOGO!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Logo 8 Bm Firmware Logo 8 Bm Fs 05 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-36360 HIGH PATCH This Week

A vulnerability has been identified in LOGO!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Logo 8 Bm Firmware Logo 8 Bm Fs 05 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-41042 HIGH PATCH This Week

Visual Studio Code Information Disclosure Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Visual Studio Code
NVD
CVSS 3.1
7.4
EPSS
1.9%
CVE-2022-40147 HIGH This Week

A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Industrial Edge Management
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2022-42230 HIGH This Week

Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manage_user&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Simple Cold Storage Managment System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2022-38042 HIGH PATCH This Week

Active Directory Domain Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Information Disclosure Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.1
EPSS
1.3%
CVE-2022-37971 HIGH PATCH This Week

Microsoft Windows Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Malware Protection Engine
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2022-20422 HIGH PATCH This Week

In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Android Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-38029 HIGH PATCH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Race Condition Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.6%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy