Skip to main content
CVE-2022-46355 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Siemens Information Disclosure 6Gk5204 0Ba00 2Mb2 Firmware 6Gk5204 0Ba00 2Kb2 Firmware 6Gk5204 0Bs00 2Na3 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-46352 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Siemens Denial Of Service 6Gk5204 0Ba00 2Mb2 Firmware 6Gk5204 0Ba00 2Kb2 Firmware 6Gk5204 0Bs00 2Na3 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-43723 HIGH PATCH This Week

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Sicam Pas Pqs
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-3996 HIGH PATCH This Week

If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service OpenSSL
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-33238 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8064au Firmware +281
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33235 HIGH This Week

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8096Au Firmware +244
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25702 HIGH This Week

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8037 Firmware +76
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25692 HIGH This Week

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Ar8035 Firmware Qca6390 Firmware Qca6391 Firmware +59
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25691 HIGH This Week

Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Ar8035 Firmware Qca8081 Firmware Qca8337 Firmware +21
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25689 HIGH This Week

Denial of service in Modem due to reachable assertion in Snapdragon Mobile. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Ar8035 Firmware Qca8081 Firmware Qca8337 Firmware +6
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25685 HIGH This Week

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware +123
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25673 HIGH This Week

Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Ar8035 Firmware Qca8081 Firmware Qca8337 Firmware +11
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25672 HIGH This Week

Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Ar8035 Firmware Qca8081 Firmware Qca8337 Firmware +21
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-20483 HIGH This Week

In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-46363 HIGH PATCH This Week

A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apache Cxf
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-45871 HIGH This Week

A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Atlant
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-23505 HIGH PATCH This Week

Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Passport Wsfed Saml2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-41268 HIGH This Week

In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

SAP Privilege Escalation Business Planning And Consolidation
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-20501 HIGH PATCH This Week

In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2022-20442 HIGH This Week

In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2022-41561 HIGH This Week

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Jasperreports Server
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46144 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Siemens Information Disclosure 6Gk5622 2Gs00 2Ac2 Firmware 6Gk5626 2Gs00 2Ac2 Firmware 6Gk5632 2Gs00 2Ac2 Firmware +3
NVD
CVSS 4.0
7.1
EPSS
0.9%
CVE-2022-46140 HIGH This Week

Affected devices use a weak encryption scheme to encrypt the debug zip file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware Scalance M804Pb Firmware Scalance M812 1 Adsl Router Firmware +97
NVD
CVSS 4.0
7.1
EPSS
0.2%
CVE-2022-44673 HIGH This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +1
NVD
CVSS 3.1
7.0
EPSS
5.2%
CVE-2022-44669 HIGH This Week

Windows Error Reporting Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Microsoft Windows 10 Windows 11 +2
NVD
CVSS 3.1
7.0
EPSS
0.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy