Skip to main content
CVE-2022-4606 CRITICAL POC PATCH THREAT Act Now

PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

LFI Information Disclosure PHP Flatpress
NVD GitHub
CVSS 3.1
9.8
EPSS
35.4%
CVE-2022-47514 HIGH POC This Week

An XML external entity (XXE) injection vulnerability in XML-RPC.NET before 2.5.0 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, as demonstrated by a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF XXE Xml Rpc Net
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-47517 HIGH POC PATCH This Week

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-47516 HIGH POC PATCH This Week

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-47515 HIGH POC PATCH This Week

An issue was discovered in drachtio-server before 0.8.20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-4607 CRITICAL PATCH Act Now

A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Ogc Web Feature Service
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-4594 CRITICAL PATCH Act Now

A vulnerability was found in drogatkin TJWS2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Tjws2
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-4592 CRITICAL PATCH Act Now

A vulnerability was found in luckyshot CRMx and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP SQLi Crmx
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2022-4605 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Flatpress
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-4597 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Shoplazza LifeStyle 1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lifestyle
NVD VulDB
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-4596 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lifestyle
NVD VulDB
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-4604 HIGH PATCH This Week

A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF PHP Wp English Wp Admin
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-47521 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.0.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Linux Buffer Overflow Linux Kernel Debian Linux +5
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-47519 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.0.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Linux Buffer Overflow Linux Kernel Debian Linux +5
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-47518 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.0.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Linux Buffer Overflow Linux Kernel Debian Linux +5
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-47520 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.0.11. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Linux Buffer Overflow Linux Kernel Debian Linux +5
NVD GitHub
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-4603 MEDIUM PATCH This Month

A vulnerability classified as problematic has been found in ppp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Ppp
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-4595 MEDIUM PATCH This Month

A vulnerability classified as problematic has been found in django-openipam. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python XSS Django Openipam
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4593 MEDIUM PATCH This Month

A vulnerability was found in retra-system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Retra System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-4602 MEDIUM This Month

A vulnerability was found in Shoplazza LifeStyle 1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Lifestyle
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-4601 MEDIUM This Month

A vulnerability was found in Shoplazza LifeStyle 1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Lifestyle
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-4600 MEDIUM This Month

A vulnerability was found in Shoplazza LifeStyle 1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Lifestyle
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-4599 MEDIUM This Month

A vulnerability was found in Shoplazza LifeStyle 1.1 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Lifestyle
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-4598 MEDIUM This Month

A vulnerability has been found in Shoplazza LifeStyle 1.1 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Lifestyle
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy