Skip to main content
CVE-2022-44469 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-44468 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-44462 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-42367 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-42366 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-42360 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-38106 MEDIUM This Month

This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Serv U
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-35696 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-35694 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-46870 MEDIUM PATCH This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users'. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Zeppelin
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2022-25626 MEDIUM This Month

An unauthenticated user can access Identity Manager’s management console specific page URLs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Symantec Identity Governance And Administration
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-20530 MEDIUM PATCH This Month

In strings.xml, there is a possible permission bypass due to a misleading string. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-20521 MEDIUM PATCH This Month

In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Google Denial Of Service Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2022-31708 MEDIUM PATCH This Month

vRealize Operations (vROps) contains a broken access control vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass VMware Vrealize Operations
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2022-20606 MEDIUM This Month

In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2022-4130 MEDIUM This Month

A blind site-to-site request forgery vulnerability was found in Satellite server. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Satellite
NVD
CVSS 3.1
4.5
EPSS
0.7%
CVE-2022-42543 MEDIUM This Month

In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42532 MEDIUM This Month

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42530 MEDIUM This Month

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42522 MEDIUM This Month

In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42517 MEDIUM This Month

In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42516 MEDIUM This Month

In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42515 MEDIUM This Month

In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42514 MEDIUM This Month

In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42512 MEDIUM This Month

In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-20595 MEDIUM This Month

In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20593 MEDIUM This Month

In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20589 MEDIUM This Month

In valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-20555 MEDIUM PATCH This Month

In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20544 MEDIUM PATCH This Month

In onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner restrictions due to a missing permission check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-38756 MEDIUM This Month

A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Groupwise
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2022-23490 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Bigbluebutton
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-42351 MEDIUM This Month

Adobe Experience Manager version 6.5.14 (and earlier) is affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2022-41961 MEDIUM PATCH This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Bigbluebutton
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-41960 MEDIUM This Month

BigBlueButton is an open source web conferencing system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Bigbluebutton
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-20541 MEDIUM PATCH This Month

In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2022-20562 LOW PATCH Monitor

In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-20559 LOW PATCH Monitor

In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20558 LOW PATCH Monitor

In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20556 LOW PATCH Monitor

In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-20537 LOW PATCH Monitor

In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20536 LOW PATCH Monitor

In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20535 LOW PATCH Monitor

In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20533 LOW PATCH Monitor

In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20528 LOW PATCH Monitor

In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20526 LOW PATCH Monitor

In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20525 LOW Monitor

In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20519 LOW PATCH Monitor

In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-41963 LOW PATCH Monitor

BigBlueButton is an open source web conferencing system. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Information Disclosure Bigbluebutton
NVD GitHub
CVSS 3.1
3.1
EPSS
0.4%
CVE-2022-41962 LOW PATCH Monitor

BigBlueButton is an open source web conferencing system. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Bigbluebutton
NVD GitHub
CVSS 3.1
2.7
EPSS
0.7%
Prev Page 4 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy