Skip to main content
CVE-2022-23520 MEDIUM POC PATCH This Month

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rails Html Sanitizers Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2022-46073 MEDIUM POC This Month

Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Helmet Store Showroom
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2022-23519 MEDIUM POC PATCH This Month

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rails Html Sanitizers Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2022-23518 MEDIUM POC PATCH This Month

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rails Html Sanitizers Debian Linux Loofah
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-3590 MEDIUM POC This Month

WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

SSRF WordPress
NVD WPScan
CVSS 3.1
5.9
EPSS
3.1%
CVE-2022-42141 MEDIUM POC This Month

Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting (XSS) via lform/urlfilter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dx 2100 L1 Cn Firmware
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-47407 MEDIUM PATCH This Month

An issue was discovered in the fp_masterquiz (aka Master-Quiz) extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Master Quiz
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-23501 MEDIUM PATCH This Month

TYPO3 is an open source PHP based web content management system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Typo3
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-4410 MEDIUM PATCH This Month

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Permalink Manager Lite
NVD WPScan VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2022-23527 MEDIUM This Month

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Open Redirect Mod Auth Openidc Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-4495 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent up to 1.6.py. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Collective Dms Basecontent
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-23515 MEDIUM PATCH This Month

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Loofah Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-3073 MEDIUM This Month

Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS 19 Iot Md01 Lan H4 S0011 Firmware Fp Iot Md01 4Eu S2 00000 Firmware Fp Iot Md01 Lan S2 00000 Firmware Fp Iot Md01 Lan S2 00011 Firmware +5
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-3917 MEDIUM This Month

Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Moto E20 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3115 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3114 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3113 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-3112 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3111 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3110 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3108 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Amd Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3107 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3106 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3105 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-3104 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.16-rc6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-23502 MEDIUM PATCH This Month

TYPO3 is an open source PHP based web content management system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PHP Typo3
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-31701 MEDIUM This Month

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass VMware Access Cloud Foundation Identity Manager Connector
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-23504 MEDIUM PATCH This Month

TYPO3 is an open source PHP based web content management system. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PHP Typo3
NVD GitHub
CVSS 3.1
4.9
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy