Skip to main content
CVE-2022-21623 HIGH PATCH This Week

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Application Config Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Enterprise Manager Base Platform
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-21622 HIGH PATCH This Week

Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Adapters). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Soa Suite
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-21620 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-21614 HIGH PATCH This Week

Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Enterprise Data Quality
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-21598 HIGH PATCH This Week

Vulnerability in the Siebel Core - DB Deployment and Configuration product of Oracle Siebel CRM (component: Repository Utilities). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Core Db Deployment And Configuration Accessible Data
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-29055 HIGH This Week

A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Fortinet Fortiproxy Fortios
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-3582 LOW POC Monitor

A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass CSRF Simple Cold Storage Management System
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.3%
CVE-2022-39058 HIGH This Week

RAVA certification validation system has a path traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Rava Certificate Validation System
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-22247 HIGH This Week

An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22236 HIGH This Week

An Access of Uninitialized Pointer vulnerability in SIP Application Layer Gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22235 HIGH This Week

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22232 HIGH This Week

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Null Pointer Dereference Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22231 HIGH This Week

An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22228 HIGH This Week

An Improper Validation of Specified Type of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an attacker to cause an RPD memory leak leading to a Denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22218 HIGH This Week

On SRX Series devices, an Improper Check for Unusual or Exceptional Conditions when using Certificate Management Protocol Version 2 (CMPv2) auto re-enrollment, allows a network-based, unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-22211 HIGH This Week

A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to cause Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22201 HIGH This Week

An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated network-based. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22192 HIGH This Week

An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-21615 HIGH PATCH This Week

Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Enterprise Data Quality
NVD
CVSS 3.1
7.4
EPSS
0.7%
CVE-2022-39421 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2022-22248 HIGH This Week

An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS Evolved allows a low-privileged local user to modify the contents of a configuration file which could. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos Os Evolved
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-21603 HIGH PATCH This Week

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Sharding
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-21600 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL Oncommand Insight Oncommand Workflow Automation
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-21596 HIGH PATCH This Week

Vulnerability in the Oracle Database - Advanced Queuing component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-35844 HIGH This Week

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Fortitester
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2022-39057 HIGH This Week

RAVA certificate validation system has insufficient filtering for special parameter of the web page input field. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rava Certificate Validation System
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-21593 HIGH PATCH This Week

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OHS Config MBeans). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Http Server
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2022-39410 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-39408 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-21636 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Applications Framework
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-21635 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-21601 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Communications Billing And Revenue Management
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-22250 MEDIUM This Month

An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Buffer Overflow Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-22238 MEDIUM This Month

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-22237 MEDIUM This Month

An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-22230 MEDIUM This Month

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-22226 MEDIUM This Month

In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-22224 MEDIUM This Month

An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-42117 MEDIUM PATCH This Month

A Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.3.2 through 7.4.3.16, and Liferay DXP 7.3 before update 6, and 7.4 before update 17 allows remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Dxp Liferay Portal
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-42116 MEDIUM PATCH This Month

A Cross-site scripting (XSS) vulnerability in the Frontend Editor module's integration with CKEditor in Liferay Portal 7.3.2 through 7.4.3.14, and Liferay DXP 7.3 before update 6, and 7.4 before. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Dxp Liferay Portal
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-42113 MEDIUM PATCH This Month

A Cross-site scripting (XSS) vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Dxp Liferay Portal
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-21639 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search Integration). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Oracle XSS Elastic Peoplesoft Enterprise
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-21631 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design Tools SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Oracle XSS Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-21630 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-21606 MEDIUM PATCH This Month

Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft Oracle XSS Database Server
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-3581 MEDIUM This Month

A vulnerability, which was classified as problematic, was found in SourceCodester Cashier Queuing System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cashier Queuing System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2022-3580 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cashier Queuing System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2022-3339 MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Epolicy Orchestrator
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-39423 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.5%
CVE-2022-21621 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Oracle Denial Of Service Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.3%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy