Skip to main content
CVE-2022-42309 HIGH PATCH This Week

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Buffer Overflow Xen Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-3373 HIGH This Week

Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-3370 HIGH This Week

Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-32892 HIGH This Week

An access issue was addressed with improvements to the sandbox. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari Ipados Iphone Os +1
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2022-32890 HIGH This Week

A logic issue was addressed with improved checks. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2022-39369 HIGH PATCH This Week

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PHP Phpcas Fedora
NVD GitHub
CVSS 3.1
8.0
EPSS
1.1%
CVE-2022-42827 HIGH KEV THREAT This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-42820 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42809 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42801 HIGH This Week

A logic issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-42800 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42796 HIGH This Week

This issue was addressed by removing the vulnerable code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Privilege Escalation Ipados Iphone Os macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32947 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-32944 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32940 HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32939 HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Ipados Iphone Os
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32932 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-32924 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Code Injection Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-32915 HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple RCE macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32914 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32907 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Privilege Escalation Iphone Os Tvos +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-32905 HIGH This Week

This issue was addressed with improved validation of symlinks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32903 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32898 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-32889 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Iphone Os Watchos
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32887 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Iphone Os
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32866 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow macOS +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32865 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Iphone Os +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32794 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Privilege Escalation Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26762 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-32927 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Ipados Iphone Os
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-32910 HIGH This Week

A logic issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X macOS
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-3780 HIGH This Week

Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data.3.7 and prior versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Remote Desktop Manager
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-42252 HIGH PATCH This Week

If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Tomcat Request Smuggling Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-25892 HIGH PATCH This Week

The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Muhammara
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-43990 HIGH This Week

Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 with firmware version <2.2.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sim1012 0P0G200 Firmware
NVD
CVSS 3.1
7.3
EPSS
0.8%
CVE-2022-43989 HIGH This Week

Password recovery vulnerability in SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 with firmware version < 1.2.0 allows an unprivileged remote attacker to gain access to the userlevel defined as. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sim2000 2P04G10 Firmware Sim2500 2P03G10 Firmware
NVD
CVSS 3.1
7.3
EPSS
0.8%
CVE-2022-43331 HIGH This Week

Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php_action/printOrder.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Canteen Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2022-43330 HIGH This Week

Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Canteen Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2022-43329 HIGH This Week

Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Canteen Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2022-43328 HIGH This Week

Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Canteen Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2022-32925 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple Buffer Overflow Iphone Os Tvos +1
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-42327 HIGH PATCH This Week

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Authentication Bypass Intel Xen Fedora
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-42806 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +1
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-42803 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-42791 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple Iphone Os macOS
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-42320 HIGH PATCH This Week

Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. Rated high severity (CVSS 7.0).

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
7.0
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy