Skip to main content
CVE-2022-3203 CRITICAL POC Act Now

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Iap 420 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-37454 CRITICAL POC PATCH Act Now

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow RCE Extended Keccak Code Package Debian Linux +6
NVD GitHub
CVSS 3.1
9.8
EPSS
5.2%
CVE-2022-3640 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Linux Kernel. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Linux Denial Of Service Buffer Overflow Linux Kernel Fedora +1
NVD VulDB
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-23462 HIGH POC PATCH This Week

IOWOW is a C utility library and persistent key/value storage engine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Iowow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-42189 HIGH POC This Week

Emlog Pro 1.6.0 plugins upload suffers from a remote code execution (RCE) vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Emlog
NVD GitHub
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-3635 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Linux Kernel. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Denial Of Service Buffer Overflow Linux Kernel Debian Linux
NVD VulDB
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-3627 MEDIUM POC PATCH This Month

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Libtiff Active Iq Unified Manager Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-3626 MEDIUM POC PATCH This Month

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Libtiff Active Iq Unified Manager Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-3599 MEDIUM POC PATCH This Month

LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Libtiff Active Iq Unified Manager Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-3598 MEDIUM POC PATCH This Month

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Libtiff Active Iq Unified Manager Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-3597 MEDIUM POC PATCH This Month

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Libtiff Active Iq Unified Manager Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-26870 CRITICAL PATCH Act Now

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Dell Powerstoreos
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-43400 CRITICAL Act Now

A vulnerability has been identified in Siveillance Video Mobile Server V2022 R2 (All versions < V22.2a (80)). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Siveillance Video Mobile Server
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-39259 MEDIUM POC PATCH This Month

jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Denial Of Service Java Jadx
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-3570 MEDIUM POC PATCH This Month

Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Buffer Overflow Libtiff Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2022-42206 MEDIUM POC This Month

PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Hospital Management System
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-42205 MEDIUM POC This Month

PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Hospital Management System
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-1066 HIGH This Week

Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tug Home Base Server
NVD
CVSS 3.1
8.2
EPSS
0.7%
CVE-2022-1070 HIGH This Week

Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Tug Home Base Server
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2022-42944 HIGH PATCH This Week

A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42943 HIGH PATCH This Week

A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42942 HIGH PATCH This Week

A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42941 HIGH PATCH This Week

A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42940 HIGH PATCH This Week

A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42939 HIGH PATCH This Week

A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42938 HIGH PATCH This Week

A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42937 HIGH PATCH This Week

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42936 HIGH PATCH This Week

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42935 HIGH PATCH This Week

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42934 HIGH PATCH This Week

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42933 HIGH PATCH This Week

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41310 HIGH PATCH This Week

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41309 HIGH PATCH This Week

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Autocad Autocad Advance Steel +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-36122 HIGH This Week

The Automox Agent before 40 on Windows incorrectly sets permissions on key files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Automox
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-3636 HIGH PATCH This Week

A vulnerability, which was classified as critical, was found in Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Linux Mediatek Denial Of Service Buffer Overflow Linux Kernel +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-3625 HIGH PATCH This Week

A vulnerability was found in Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Linux Denial Of Service Buffer Overflow Linux Kernel Debian Linux
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-34439 HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Denial Of Service Emc Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-3639 HIGH This Week

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-26423 HIGH This Week

Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tug Home Base Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-41575 HIGH This Week

A credential-exposure vulnerability in the support-bundle mechanism in Gradle Enterprise 2022.3 through 2022.3.3 allows remote attackers to access a subset of application data (e.g., cleartext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Enterprise
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-3647 LOW POC PATCH Monitor

** DISPUTED ** A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Redis Denial Of Service
NVD VulDB GitHub
CVSS 3.1
3.3
EPSS
0.6%
CVE-2022-38104 HIGH This Week

Auth. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation Accordions
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-3649 HIGH PATCH This Week

A vulnerability was found in Linux Kernel. Rated high severity (CVSS 7.0). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Linux Denial Of Service Buffer Overflow Linux Kernel Debian Linux +5
NVD VulDB
CVSS 3.1
7.0
EPSS
0.8%
CVE-2022-34438 MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Dell Privilege Escalation Emc Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-34437 MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Command Injection Emc Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2022-1059 MEDIUM This Month

Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Tug Home Base Server
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-3637 MEDIUM PATCH This Month

A vulnerability has been found in Linux Kernel and classified as problematic. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Bluez
NVD VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-3630 MEDIUM PATCH This Month

A vulnerability was found in Linux Kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-41638 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Pop Up Chop Chop
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-27494 MEDIUM This Month

Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Tug Home Base Server
NVD
CVSS 3.1
5.4
EPSS
0.6%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy