Skip to main content
CVE-2022-38650 CRITICAL Act Now

A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE VMware Deserialization Hyperic Server
NVD
CVSS 3.1
10.0
EPSS
0.8%
CVE-2022-38652 CRITICAL Act Now

A remote insecure deserialization vulnerability exixsts in VMWare Hyperic Agent 5.8.6. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft VMware Deserialization Hyperic Agent
NVD
CVSS 3.1
9.9
EPSS
0.8%
CVE-2022-38651 CRITICAL Act Now

A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass VMware Hyperic Server
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-43672 CRITICAL Act Now

Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection (in a different software component relative to CVE-2022-43671. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho SQLi Manageengine Access Manager Plus Manageengine Pam360 Manageengine Password Manager Pro
NVD
CVSS 3.1
9.8
EPSS
67.1%
CVE-2022-43671 CRITICAL Act Now

Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho SQLi Manageengine Access Manager Plus Manageengine Pam360 Manageengine Password Manager Pro
NVD
CVSS 3.1
9.8
EPSS
74.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy