Skip to main content
CVE-2022-3817 MEDIUM POC This Month

A vulnerability has been found in Axiomatic Bento4 and classified as problematic. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3816 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3815 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3814 MEDIUM POC This Month

A vulnerability classified as problematic was found in Axiomatic Bento4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3813 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Axiomatic Bento4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-3812 MEDIUM POC This Month

A vulnerability was found in Axiomatic Bento4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3807 MEDIUM POC This Month

A vulnerability was found in Axiomatic Bento4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-3310 MEDIUM POC This Month

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Chrome
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-3309 MEDIUM POC This Month

Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-3804 MEDIUM POC This Month

A vulnerability was found in eolinker apinto-dashboard. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Apinto Dashboard
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-3803 MEDIUM POC This Month

A vulnerability was found in eolinker apinto-dashboard and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Apinto Dashboard
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-3797 MEDIUM POC This Month

A vulnerability was found in eolinker apinto-dashboard. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Apinto Dashboard
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-43082 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in /fastfood/purchase.php of Fast Food Ordering System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Fast Food Ordering System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-43079 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Train Scheduler App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Train Scheduler App
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-43086 MEDIUM POC This Month

Restaurant POS System v1.0 was discovered to contain a SQL injection vulnerability via update_customer.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Restaurant Pos System
NVD GitHub
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-43361 MEDIUM POC This Month

Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component pop_chart.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Senayan Library Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-43084 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Vehicle Booking System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-43078 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Web Based Student Clearance System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-43076 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in /admin/edit-admin.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Web Based Student Clearance System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-3660 MEDIUM POC This Month

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Chrome
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-3443 MEDIUM POC This Month

Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-3318 MEDIUM POC This Month

Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Denial Of Service Chrome
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-3317 MEDIUM POC This Month

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Chrome
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-3316 MEDIUM POC This Month

Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Chrome
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-42830 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +2
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-42829 MEDIUM This Month

A use after free issue was addressed with improved memory management. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +3
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-32926 MEDIUM This Month

The issue was addressed with improved bounds checks. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Ipados Iphone Os +3
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-42817 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Watchos
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-3314 MEDIUM This Month

Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-3313 MEDIUM This Month

Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-3311 MEDIUM This Month

Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-32923 MEDIUM This Month

A correctness issue in the JIT was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-22658 MEDIUM This Month

An input validation issue was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Iphone Os
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3781 MEDIUM This Month

Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Devolutions Server Remote Desktop Manager
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-34662 MEDIUM PATCH This Month

When users add resources to the resource center with a relation path will cause path traversal issues and only for logged-in users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Dolphinscheduler
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2022-42321 MEDIUM PATCH This Month

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-42319 MEDIUM PATCH This Month

Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-42318 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42317 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42316 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42315 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42314 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42313 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42312 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42311 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Fedora Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42832 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 6.4). No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +1
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2022-42831 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 6.4). No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +1
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2022-42799 MEDIUM This Month

The issue was addressed with improved UI handling. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Safari Ipados Iphone Os +5
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2022-42818 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2022-23738 MEDIUM This Month

An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Server
NVD GitHub
CVSS 3.1
5.7
EPSS
0.6%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy