Skip to main content
CVE-2022-37202 HIGH POC This Week

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jfinal Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-3670 HIGH POC This Week

A vulnerability was found in Axiomatic Bento4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-3666 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-3665 HIGH POC This Week

A vulnerability classified as critical was found in Axiomatic Bento4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-3664 HIGH POC This Week

A vulnerability classified as critical has been found in Axiomatic Bento4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-3662 HIGH POC This Week

A vulnerability was found in Axiomatic Bento4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-42999 HIGH POC This Week

D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
2.7%
CVE-2022-3667 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Axiomatic Bento4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-39286 HIGH PATCH This Week

Jupyter Core is a package for the core common functionality of Jupyter projects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Privilege Escalation Jupyter Core Debian Linux Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-39362 HIGH PATCH This Week

Metabase is data visualization software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Metabase
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-39361 HIGH This Week

Metabase is data visualization software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Metabase
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-40238 HIGH This Week

A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Vince
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-39944 HIGH PATCH This Week

In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Deserialization RCE Linkis
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2022-43749 HIGH This Week

Improper privilege management vulnerability in summary report management in Synology Presto File Server before 2.1.2-1601 allows remote authenticated users to bypass security constraint via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Synology Privilege Escalation Presto File Server
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-20933 HIGH This Week

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Meraki Mx64 Firmware Meraki Mx64W Firmware Meraki Mx65 Firmware +20
NVD
CVSS 3.1
8.6
EPSS
1.0%
CVE-2022-20822 HIGH This Week

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Identity Services Engine
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2022-31256 HIGH This Week

A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Factory
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-3705 HIGH PATCH This Week

A vulnerability was found in vim and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Vim Fedora Debian Linux +1
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-43766 HIGH PATCH This Week

Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Denial Of Service Java Iotdb
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-43748 HIGH This Week

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in file operation management in Synology Presto File Server before 2.1.2-1601 allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Synology Presto File Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-20811 HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-20955 HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2022-20954 HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy