Skip to main content
CVE-2022-29853 MEDIUM This Month

OX App Suite through 8.2 allows XSS via a certain complex hierarchy that forces use of Show Entire Message for a huge HTML e-mail message. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-29852 MEDIUM This Month

OX App Suite through 8.2 allows XSS because BMFreehand10 and image/x-freehand are not blocked. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-41767 MEDIUM PATCH This Month

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure PHP Mediawiki
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-41765 MEDIUM PATCH This Month

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mediawiki
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-24120 MEDIUM PATCH This Month

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware Sd1 Firmware Sd2 Firmware +4
NVD
CVSS 3.1
4.6
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy