Skip to main content
CVE-2022-44311 HIGH POC This Week

html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Html2Xhtml
NVD GitHub
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-39377 HIGH POC This Week

sysstat is a set of system performance tools for the Linux operating system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Sysstat Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-39343 HIGH POC PATCH This Week

Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Buffer Overflow Azure Rtos Filex
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-43343 HIGH POC This Week

N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow N Prolog
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-41203 HIGH This Week

In some workflow of SAP BusinessObjects BI Platform (Central Management Console and BI LaunchPad), an authenticated attacker with low privileges can intercept a serialized object in the parameters. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Deserialization Businessobjects Business Intelligence
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-44741 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) in David Anderson Testimonial Slider plugin <= 1.3.1 on WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress XSS Testimonial Slider
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-41136 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin's Shortcodes Ultimate plugin <= 5.12.0 on WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress XSS Shortcodes Ultimate
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-38137 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Analytify Google Analytics Dashboard
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-41757 HIGH This Week

An issue was discovered in the Arm Mali GPU Kernel Driver. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Valhall Gpu Kernel Driver
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-43546 HIGH PATCH This Week

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE 7Kg9501 0Aa01 2Aa1 Firmware 7Kg9501 0Aa31 2Aa1 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-43545 HIGH PATCH This Week

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE 7Kg9501 0Aa01 2Aa1 Firmware 7Kg9501 0Aa31 2Aa1 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-43439 HIGH PATCH This Week

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE 7Kg9501 0Aa01 2Aa1 Firmware 7Kg9501 0Aa31 2Aa1 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-43398 HIGH PATCH This Week

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Session Fixation 7Kg9501 0Aa01 2Aa1 Firmware 7Kg9501 0Aa31 2Aa1 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-41214 HIGH This Week

Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to delete a file which is. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Netweaver Application Server Abap
NVD
CVSS 3.1
8.7
EPSS
0.7%
CVE-2022-39328 HIGH PATCH This Week

Grafana is an open-source platform for monitoring and observability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Grafana
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-41211 HIGH This Week

Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP RCE Buffer Overflow 3D Visual Enterprise Author 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-20462 HIGH This Week

In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20452 HIGH POC This Week

In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-20451 HIGH This Week

In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20450 HIGH This Week

In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass user consent due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20441 HIGH This Week

In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-32601 HIGH This Week

In telephony, there is a possible permission bypass due to a parcel format mismatch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Deserialization Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-43397 HIGH PATCH This Week

A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Simcenter Femap (All. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Parasolid
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-41664 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41663 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41662 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41661 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41660 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-39157 HIGH This Week

A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.0 (All versions >= V34.0.252 < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V34.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Parasolid
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-39136 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-43958 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39), QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qms Automotive
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2022-39386 HIGH PATCH This Week

@fastify/websocket provides WebSocket support for Fastify. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Websocket
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-20445 HIGH This Week

In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-26446 HIGH This Week

In Modem 4G RRC, there is a possible system crash due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Lr12a Lr13 Nr15 Nr16
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-44556 HIGH This Week

Missing parameter type validation in the DRM module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy