Skip to main content
CVE-2022-46178 HIGH POC PATCH This Week

MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Metersphere
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-4844 HIGH POC PATCH This Week

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Memos
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-4843 HIGH POC PATCH This Week

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Radare2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-4780 HIGH This Week

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Isos Firmware
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-38212 HIGH This Week

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Portal For Arcgis
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-38211 HIGH This Week

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.9.1 and below were not fully honored and may allow a remote, unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Portal For Arcgis
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-38205 HIGH This Week

In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a directory traversal issue may allow a remote, unauthenticated attacker to traverse the file system and lead to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Portal For Arcgis
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-38203 HIGH This Week

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Portal For Arcgis
NVD
CVSS 3.1
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy