Skip to main content
CVE-2022-3387 MEDIUM This Month

Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal PHP R Seenet
NVD
CVSS 3.1
5.3
EPSS
14.0%
CVE-2022-39329 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Nextcloud Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-2508 MEDIUM This Month

In affected versions of Octopus Server it is possible to reveal the existence of resources in a space that the user does not have access to due to verbose error messaging. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Octopus Server
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-40184 MEDIUM PATCH This Month

Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Videojet Multi 4000 Firmware
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2021-45476 MEDIUM This Month

Yordam Library Information Document Automation product before version 19.02 has an unauthenticated reflected XSS vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Library Automation System
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2022-40183 MEDIUM PATCH This Month

An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting (XSS) in the web-based interface. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Videojet Multi 4000 Firmware
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2022-39330 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy