Skip to main content
CVE-2022-4169 MEDIUM PATCH This Month

The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Theme And Plugin Translation For Polylang
NVD VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-38753 MEDIUM This Month

This update resolves a multi-factor authentication bypass attack. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Netiq Advanced Authentication
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2022-41965 MEDIUM PATCH This Month

Opencast is a free, open-source platform to support the management of educational audio and video content. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Opencast
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2022-4129 MEDIUM This Month

A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Linux Denial Of Service Layer 2 Tunneling Protocol Fedora
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-4128 MEDIUM PATCH This Month

A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-4127 MEDIUM PATCH This Month

A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-41732 MEDIUM This Month

IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM Maximo Application Suite
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-45224 MEDIUM This Month

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in Admin/add-admin.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Web Based Student Clearance System
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-45223 MEDIUM This Month

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /Admin/add-student.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Web Based Student Clearance System
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-45221 MEDIUM This Month

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in changepassword.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Web Based Student Clearance System
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-3823 MEDIUM This Month

The Beautiful Cookie Consent Banner WordPress plugin before 2.9.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Beautiful Cookie Consent Banner
NVD WPScan
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-41944 MEDIUM PATCH This Month

Discourse is an open-source discussion platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Discourse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-41921 MEDIUM PATCH This Month

Discourse is an open-source discussion platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Discourse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy