Skip to main content
CVE-2022-42841 HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption macOS
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42840 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple RCE Buffer Overflow Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-42805 HIGH This Week

An integer overflow was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Apple Ipados Iphone Os +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32948 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple RCE Buffer Overflow Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32942 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple RCE Buffer Overflow macOS
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-32860 HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple RCE Buffer Overflow Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-22063 HIGH This Week

Memory corruption in Core due to improper configuration in boot remapper. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apq8096Au Firmware Mdm9640 Firmware Mdm9645 Firmware +5
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-23526 HIGH PATCH This Week

Helm is a tool for managing Charts, pre-configured Kubernetes resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Kubernetes Denial Of Service Helm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-23525 HIGH PATCH This Week

Helm is a tool for managing Charts, pre-configured Kubernetes resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Kubernetes Denial Of Service Helm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-23524 HIGH PATCH This Week

Helm is a tool for managing Charts, pre-configured Kubernetes resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Denial Of Service Helm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-42845 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Apple RCE Buffer Overflow Ipados +4
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2022-42855 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Privilege Escalation Ipados Iphone Os macOS +1
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2022-42864 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2022-46698 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft Icloud Safari +5
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-46695 MEDIUM This Month

A spoofing issue existed in the handling of URLs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Ipados Iphone Os macOS +2
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2022-42852 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-23507 MEDIUM PATCH This Month

Tendermint is a high-performance blockchain consensus engine for Byzantine fault tolerant applications. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Jwt Attack Tendermint Light Client Js Tendermint Light Client Verifier Tendermint Light Client
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-27498 MEDIUM This Month

A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Lansweeper
NVD
CVSS 3.1
6.5
EPSS
38.3%
CVE-2022-4527 MEDIUM PATCH This Month

A vulnerability was found in collective.task up to 3.0.8. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Collective Task
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4526 MEDIUM PATCH This Month

A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python XSS Django Photologue
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4525 MEDIUM PATCH This Month

A vulnerability has been found in National Sleep Research Resource sleepdata.org up to 58.x and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Sleepdata
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4524 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, was found in Roots soil Plugin up to 4.0.x. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Soil
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-4523 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, has been found in vexim2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Virtual Exim 2
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4522 MEDIUM PATCH This Month

A vulnerability classified as problematic was found in CalendarXP up to 10.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Calendarxp
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4521 MEDIUM PATCH This Month

A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Carbon Registry
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-4514 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, was found in Opencaching Deutschland oc-server3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP XSS Oc Server3
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-4513 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, has been found in European Environment Agency eionet.contreg. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Eionet Content Registry
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-32531 MEDIUM PATCH This Month

The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Apache Information Disclosure Bookkeeper
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2022-46768 MEDIUM PATCH This Month

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Zabbix Information Disclosure Web Service Report Generation Zabbix Agent2
NVD
CVSS 3.1
5.9
EPSS
47.8%
CVE-2022-4519 MEDIUM This Month

The WP User plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 7.0 due to insufficient input sanitization and output. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Wp User
NVD VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-46702 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-46692 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Authentication Bypass Icloud Safari +5
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-42866 MEDIUM This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42865 MEDIUM This Month

This issue was addressed by enabling hardened runtime. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42862 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42859 MEDIUM This Month

Multiple issues were addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42854 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42853 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-42851 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Buffer Overflow Ipados Iphone Os +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42846 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Ipados Iphone Os
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42843 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-42821 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
CVSS 3.1
5.5
EPSS
3.9%
CVE-2022-32916 MEDIUM This Month

An out-of-bounds read issue existed that led to the disclosure of kernel memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Buffer Overflow Iphone Os
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-46392 MEDIUM This Month

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Mbed Tls Fedora
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2022-32943 MEDIUM This Month

The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Buffer Overflow Ipados Iphone Os +1
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-32833 MEDIUM This Month

An issue existed with the file paths used to store website data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Safari Iphone Os macOS
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-32945 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions on third-party apps. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS
NVD
CVSS 3.1
4.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy