Bitrix restore.php file upload | CVE-2022-29268
NAME Bitrix restore.php file upload Platforms Affected:Bitrix Bitrix 7.5.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Bitrix could allow a remote attacker to upload...
Vulnerabilities
GeoTools code execution | CVE-2022-24818
NAME GeoTools code execution Platforms Affected:GeoTools GeoTools 26.3 GeoTools GeoTools 25.5 GeoTools GeoTools 24.5Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION GeoTools could allow...
JAI-EXT code execution | CVE-2022-24816
NAME JAI-EXT code execution Platforms Affected:JAI-EXT JAI-EXT 1.1.21Risk Level:10Exploitability:UnprovenConsequences:Gain Access DESCRIPTION JAI-EXT could allow a remote attacker to execute arbitrary...
LDAP Account Manager cross-site scripting | CVE-2022-24851
NAME LDAP Account Manager cross-site scripting Platforms Affected:LDAP Account Manager (LAM) LDAP Account Manager (LAM) 7.9.0Risk Level:8.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION LDAP...
Synacor ZCS version 8.8.7-CVE-2018-6882
NAME Synacor - Zimbra Collaboration Suite (ZCS) Platforms Affected:Zimbra Collaboration Suite (ZCS)Risk Level:mediumCVE Type:XSS DESCRIPTION CVE-2018-6882 is a cross-site scripting...
Red Lion DA50N code execution | CVE-2022-26516
NAME Red Lion DA50N code execution Platforms Affected:Red Lion DA50NRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Red Lion DA50N could allow a remote...
Red Lion DA50N privilege escalation | CVE-2022-1039
NAME Red Lion DA50N privilege escalation Platforms Affected:Red Lion DA50NRisk Level:9.6Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Red Lion DA50N could allow a remote...
SWHKD command execution |
NAME SWHKD command execution Platforms Affected:SWHKD SWHKD 1.1.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION SWHKD could allow a remote attacker to execute arbitrary...
Schneider Electric EcoStruxure code execution | CVE-2022-26507
NAME Schneider Electric EcoStruxure code execution Platforms Affected:Schneider Electric SCADAPack RemoteConnect for x70 Schneider Electric EcoStruxure Process Expert Schneider Electric...
Metabase SQL injection | CVE-2022-24854
NAME Metabase SQL injection Platforms Affected:Metabase Metabase 0.42.3 Metabase Metabase 1.42.3 Metabase Metabase 0.41.6 Metabase Metabase 1.41.6Risk Level:8Exploitability:HighConsequences:Data Manipulation DESCRIPTION...
Metabase cross-site scripting | CVE-2022-24855
NAME Metabase cross-site scripting Platforms Affected:Metabase Metabase 0.42.3 Metabase Metabase 1.42.3 Metabase Metabase 0.41.6 Metabase Metabase 1.41.6 Metabase Metabase 0.40.7...
alvarotrigo/fullpage.js multiple cross-site scripting | CVE-2022-1330
NAME alvarotrigo/fullpage.js multiple cross-site scripting Platforms Affected:alvarotrigo fullpage.js 4.0.3Risk Level:9.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION alvarotrigo/fullpage.js is vulnerable to cross-site scripting, caused by...
Composer command execution | CVE-2022-24828
NAME Composer command execution Platforms Affected:Composer Composer 1.10.25 Composer Composer 2.2.11 Composer Composer 2.3.4Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Composer could allow...
Jenkins Extended Choice Parameter Plugin cross-site scripting | CVE-2022-29038
NAME Jenkins Extended Choice Parameter Plugin cross-site scripting Platforms Affected:Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86cRisk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Extended...
MinIO privilege escalation | CVE-2022-24842
NAME MinIO privilege escalation Platforms Affected:MinIO MinIO RELEASE.2021-12-09T06-19-41ZRisk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION MinIO could allow a remote authenticated attacker to gain...
Microsoft Windows Kerberos code execution | CVE-2022-24545
NAME Microsoft Windows Kerberos code execution Platforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 10 1809 for...
Citrix XenMobile Server code execution | CVE-2022-26151
NAME Citrix XenMobile Server code execution Platforms Affected:Citrix XenMobile Server 10.13.0 Citrix XenMobile Server 10.14.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Citrix XenMobile...
Aethon TUG Home Base Server information disclosure | CVE-2022-26423
NAME Aethon TUG Home Base Server information disclosure Platforms Affected:Aethon TUG Home Base Server 23 Aethon TUG Home Base Server...
Johnson Controls Metasys information disclosure | CVE-2021-36205
NAME Johnson Controls Metasys information disclosure Platforms Affected:Johnson Controls Metasys 10 Johnson Controls Metasys 11Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Johnson Controls...
Delta Controls enteliTOUCH cross-site scripting |
NAME Delta Controls enteliTOUCH cross-site scripting Platforms Affected:Delta Controls enteliTOUCH 3.40.3935 Delta Controls enteliTOUCH 3.40.3706 Delta Controls enteliTOUCH 3.33.4005Risk Level:7.2Exploitability:HighConsequences:Cross-Site...
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family denial of service | CVE-2022-20682
NAME Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family denial of service Platforms Affected:Cisco Catalyst 9800 Series...
Vyper integer overflow | CVE-2022-24845
NAME Vyper integer overflow Platforms Affected:Vyper Vyper 0.3.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Vyper could allow a remote attacker to execute arbitrary...
Cisco IOS XE Software denial of service | CVE-2022-20678
NAME Cisco IOS XE Software denial of service Platforms Affected:Cisco IOS XE Software Cisco Cloud Services Router 1000V Series Cisco...
Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers denial of service | CVE-2022-20683
NAME Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers denial of service Platforms Affected:Cisco Catalyst 9800 Series...
