Skip to main content
CVE-2022-2249 MEDIUM This Month

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges.0.0.0 through 8.1.3.3 and. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Aura Communication Manager
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-41606 MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Hashicorp Denial Of Service Nomad
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-41351 MEDIUM This Month

In Zimbra Collaboration Suite (ZCS) 8.8.15, at the URL /h/calendar, one can trigger XSS by adding JavaScript code to the view parameter and changing the value of the uncheck parameter to a string. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Collaboration
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-41350 MEDIUM This Month

In Zimbra Collaboration Suite (ZCS) 8.8.15, /h/search?action=voicemail&action=listen accepts a phone parameter that is vulnerable to Reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Collaboration
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-41349 MEDIUM This Month

In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/compose accepts an attachUrl parameter that is vulnerable to Reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Collaboration
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-41348 MEDIUM This Month

An issue was discovered in Zimbra Collaboration (ZCS) 9.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure XSS Collaboration
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-3464 MEDIUM This Month

A vulnerability classified as problematic has been found in puppyCMS up to 5.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Puppycms
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-33918 MEDIUM This Month

Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Geodrive
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-41316 MEDIUM PATCH This Month

HashiCorp Vault and Vault Enterprise’s TLS certificate auth method did not initially load the optionally configured CRL issued by the role's CA into memory on startup, resulting in the revocation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Vault
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-2720 MEDIUM This Month

In affected versions of Octopus Server it was identified that when a sensitive value is a substring of another value, sensitive value masking will only partially work. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Octopus Server
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-32484 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-32483 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
4.4
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy