VikBooking Hotel Booking Engine and PMS plugin for WordPress file upload | CVE-2022-27862
NAME VikBooking Hotel Booking Engine and PMS plugin for WordPress file upload Platforms Affected:WordPress VikBooking Hotel Booking Engine and PMS...
Vulnerabilities
Oracle Web Services Manager unspecified | CVE-2022-21497
NAME Oracle Web Services Manager unspecified Platforms Affected:Oracle Web Services 12.2.1.3.0 Oracle Web Services 12.2.1.4.0Risk Level:8.1Exploitability:UnprovenConsequences:Other DESCRIPTION An unspecified vulnerability...
7-Zip privilege escalation | CVE-2022-29072
NAME 7-Zip privilege escalation Platforms Affected:7-Zip 7-Zip 21.07Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Privileges DESCRIPTION 7-Zip could allow a local authenticated attacker...
Elcomplus SmartPPT SCADA and SmartPPT SCADA Server file upload | CVE-2021-43934
NAME Elcomplus SmartPPT SCADA and SmartPPT SCADA Server file upload Platforms Affected:Elcomplus SmartPPT SCADA 1.1 Elcomplus SmartPPT SCADA Server 1.4Risk...
Oracle JDeveloper unspecified | CVE-2022-21445
NAME Oracle JDeveloper unspecified Platforms Affected:Oracle JDeveloper 12.2.1.3.0Risk Level:9.8Exploitability:UnprovenConsequences:Other DESCRIPTION An unspecified vulnerability in Oracle JDeveloper related to the ADF...
Elcomplus SmartPPT SCADA and SmartPPT SCADA Server cross-site scripting | CVE-2021-43932
NAME Elcomplus SmartPPT SCADA and SmartPPT SCADA Server cross-site scripting Platforms Affected:Elcomplus SmartPPT SCADA 1.1 Elcomplus SmartPPT SCADA Server 1.4Risk...
Oracle Communications Billing and Revenue Management unspecified | CVE-2022-21431
NAME Oracle Communications Billing and Revenue Management unspecified Platforms Affected:Oracle Communications Billing and Revenue Management 12.0.0.4 Oracle Communications Billing and...
Git Large File Storage (Git LFS) code execution | CVE-2022-24826
NAME Git Large File Storage (Git LFS) code execution Platforms Affected:Git LFS 2.12.1 Git LFS 3.1.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Git...
VMware security advisory-CVE-2022-22960
NAME VMware - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Privilege escalation DESCRIPTION CVE-2022-22960 is a privilege escalation vulnerability impacting multiple versions of...
CachetHQ Cachet version 2.5.1-CVE-2021-39173
NAME CachetHQ - Cachet Platforms Affected:CachetRisk Level:lowCVE Type:Unspecified DESCRIPTION CVE-2021-39173 is an unspecified vulnerability impacting CachetHQ Cachet versions 2.5.0 and...
Bitrix restore.php file upload | CVE-2022-29268
NAME Bitrix restore.php file upload Platforms Affected:Bitrix Bitrix 7.5.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Bitrix could allow a remote attacker to upload...
GeoTools code execution | CVE-2022-24818
NAME GeoTools code execution Platforms Affected:GeoTools GeoTools 26.3 GeoTools GeoTools 25.5 GeoTools GeoTools 24.5Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION GeoTools could allow...
JAI-EXT code execution | CVE-2022-24816
NAME JAI-EXT code execution Platforms Affected:JAI-EXT JAI-EXT 1.1.21Risk Level:10Exploitability:UnprovenConsequences:Gain Access DESCRIPTION JAI-EXT could allow a remote attacker to execute arbitrary...
LDAP Account Manager cross-site scripting | CVE-2022-24851
NAME LDAP Account Manager cross-site scripting Platforms Affected:LDAP Account Manager (LAM) LDAP Account Manager (LAM) 7.9.0Risk Level:8.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION LDAP...
Microsoft Edge privilege escalation | CVE-2022-29144
NAME Microsoft Edge privilege escalation Platforms Affected:Microsoft Edge (Chromium-based)Risk Level:8.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Microsoft Edge (Chromium-based) could allow a remote attacker...
CENTUM VP products command execution | CVE-2022-27188
NAME CENTUM VP products command execution Platforms Affected:Yokogawa Electric Corporation CENTUM VP 4.01.00 Yokogawa Electric Corporation CENTUM VP Small 4.01.00...
Synacor ZCS version 8.8.7-CVE-2018-6882
NAME Synacor - Zimbra Collaboration Suite (ZCS) Platforms Affected:Zimbra Collaboration Suite (ZCS)Risk Level:mediumCVE Type:XSS DESCRIPTION CVE-2018-6882 is a cross-site scripting...
Red Lion DA50N code execution | CVE-2022-26516
NAME Red Lion DA50N code execution Platforms Affected:Red Lion DA50NRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Red Lion DA50N could allow a remote...
Red Lion DA50N privilege escalation | CVE-2022-1039
NAME Red Lion DA50N privilege escalation Platforms Affected:Red Lion DA50NRisk Level:9.6Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Red Lion DA50N could allow a remote...
SWHKD command execution |
NAME SWHKD command execution Platforms Affected:SWHKD SWHKD 1.1.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION SWHKD could allow a remote attacker to execute arbitrary...
Schneider Electric EcoStruxure code execution | CVE-2022-26507
NAME Schneider Electric EcoStruxure code execution Platforms Affected:Schneider Electric SCADAPack RemoteConnect for x70 Schneider Electric EcoStruxure Process Expert Schneider Electric...
Metabase SQL injection | CVE-2022-24854
NAME Metabase SQL injection Platforms Affected:Metabase Metabase 0.42.3 Metabase Metabase 1.42.3 Metabase Metabase 0.41.6 Metabase Metabase 1.41.6Risk Level:8Exploitability:HighConsequences:Data Manipulation DESCRIPTION...
Metabase cross-site scripting | CVE-2022-24855
NAME Metabase cross-site scripting Platforms Affected:Metabase Metabase 0.42.3 Metabase Metabase 1.42.3 Metabase Metabase 0.41.6 Metabase Metabase 1.41.6 Metabase Metabase 0.40.7...
alvarotrigo/fullpage.js multiple cross-site scripting | CVE-2022-1330
NAME alvarotrigo/fullpage.js multiple cross-site scripting Platforms Affected:alvarotrigo fullpage.js 4.0.3Risk Level:9.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION alvarotrigo/fullpage.js is vulnerable to cross-site scripting, caused by...
