Skip to main content
CVE-2022-3944 HIGH POC This Week

A vulnerability was found in jerryhanjj ERP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Erp
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-3952 HIGH POC PATCH This Week

A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Portofino
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.6%
CVE-2022-38387 HIGH PATCH This Week

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection IBM Cloud Pak For Security
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-33942 HIGH This Week

Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Center Manager
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-29893 HIGH This Week

Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Authentication Bypass Privilege Escalation Active Management Technology Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-26341 HIGH PATCH This Week

Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Intel Privilege Escalation Active Management Technology Software Development Kit Endpoint Management Assistant Manageability Commander
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-41906 HIGH PATCH This Week

OpenSearch Notifications is a notifications plugin for OpenSearch that enables other plugins to send notifications via Email, Slack, Amazon Chime, Custom web-hook etc channels. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Opensearch Notifications
NVD GitHub
CVSS 3.1
8.7
EPSS
0.7%
CVE-2022-27639 HIGH This Week

Incomplete cleanup in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Xmm 7560 Firmware
NVD
CVSS 3.1
8.4
EPSS
0.3%
CVE-2022-28126 HIGH This Week

Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Xmm 7560 Firmware
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-26367 HIGH This Week

Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Buffer Overflow Xmm 7560 Firmware
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-26079 HIGH This Week

Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Xmm 7560 Firmware
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-26369 HIGH This Week

Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.1), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Privilege Escalation Buffer Overflow Xmm 7560 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2022-41882 HIGH PATCH This Week

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Nextcloud RCE Microsoft Code Injection Desktop
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-38099 HIGH This Week

Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Nuc 11 Compute Element Cm11Ebi38W Firmware Nuc 11 Compute Element Cm11Ebc4W Firmware Nuc 11 Compute Element Cm11Ebi58W Firmware +5
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-37345 HIGH PATCH This Week

Improper authentication in BIOS firmware[A1] for some Intel(R) NUC Kits before version RY0386 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Authentication Bypass Privilege Escalation Nuc Kit Nuc5I3Ryh Firmware Nuc Kit Nuc5I7Ryh Firmware +6
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-37334 HIGH PATCH This Week

Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards before version TNTGL357.0064 may allow an authenticated user to potentially enable escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Nuc 11 Pro Kit Nuc11Tnhi70Z Firmware Nuc 11 Pro Kit Nuc11Tnki70Z Firmware Nuc 11 Pro Kit Nuc11Tnki30Z Firmware +8
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-36789 HIGH This Week

Improper access control in BIOS firmware for some Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs before version FNCML357.0053 may allow a privileged user to potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Privilege Escalation Nuc 10 Performance Kit Nuc10I7Fnhn Firmware Nuc 10 Performance Kit Nuc10I5Fnkn Firmware +24
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-36400 HIGH This Week

Path traversal in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Microsoft Privilege Escalation Intel Nuc Kit Wireless Adapter Driver Installer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-36377 HIGH This Week

Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Microsoft Privilege Escalation Nuc Kit Wireless Adapter Driver Installer
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-36370 HIGH PATCH This Week

Improper authentication in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Authentication Bypass Privilege Escalation Nuc Kit Nuc5I3Myhe Firmware Nuc Board Nuc5I3Mybe Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30548 HIGH This Week

Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Glorp
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30297 HIGH This Week

Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation XSS Endpoint Management Assistant
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-27638 HIGH PATCH This Week

Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Advanced Link Analyzer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-27187 HIGH PATCH This Week

Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Quartus Prime
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26124 HIGH PATCH This Week

Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Intel Privilege Escalation Buffer Overflow Nuc 8 Rugged Kit Nuc8Cchkrn Firmware Nuc 8 Rugged Kit Nuc8Cchkr Firmware +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26024 HIGH This Week

Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Nuc7I3Dnbe Firmware Nuc7I3Dnhe Firmware Nuc7I3Dnhnc Firmware +8
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-27497 HIGH This Week

Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Intel Denial Of Service Active Management Technology Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-27233 HIGH PATCH This Week

XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel Information Disclosure Quartus Prime
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-26508 HIGH PATCH This Week

Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel Information Disclosure Authentication Bypass Server Debug And Provisioning Tool
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-36384 HIGH This Week

Unquoted search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Microsoft Privilege Escalation Nuc Kit Wireless Adapter Driver Installer
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-36380 HIGH This Week

Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Microsoft Privilege Escalation Nuc Kit Wireless Adapter Driver Installer
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-26086 HIGH This Week

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Gametechdev Presentmon
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-26028 HIGH This Week

Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Vtune Profiler
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-28611 HIGH This Week

Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Xmm 7560 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2022-27874 HIGH This Week

Improper authentication in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Privilege Escalation Xmm 7560 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2022-26045 HIGH This Week

Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Buffer Overflow Xmm 7560 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy