Metabase cross-site scripting | CVE-2022-24855
NAME Metabase cross-site scripting Platforms Affected:Metabase Metabase 0.42.3 Metabase Metabase 1.42.3 Metabase Metabase 0.41.6 Metabase Metabase 1.41.6 Metabase Metabase 0.40.7...
CVE
alvarotrigo/fullpage.js multiple cross-site scripting | CVE-2022-1330
NAME alvarotrigo/fullpage.js multiple cross-site scripting Platforms Affected:alvarotrigo fullpage.js 4.0.3Risk Level:9.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION alvarotrigo/fullpage.js is vulnerable to cross-site scripting, caused by...
Composer command execution | CVE-2022-24828
NAME Composer command execution Platforms Affected:Composer Composer 1.10.25 Composer Composer 2.2.11 Composer Composer 2.3.4Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Composer could allow...
Red Lion DA50N privilege escalation | CVE-2022-1039
NAME Red Lion DA50N privilege escalation Platforms Affected:Red Lion DA50NRisk Level:9.6Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Red Lion DA50N could allow a remote...
SWHKD command execution |
NAME SWHKD command execution Platforms Affected:SWHKD SWHKD 1.1.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION SWHKD could allow a remote attacker to execute arbitrary...
Schneider Electric EcoStruxure code execution | CVE-2022-26507
NAME Schneider Electric EcoStruxure code execution Platforms Affected:Schneider Electric SCADAPack RemoteConnect for x70 Schneider Electric EcoStruxure Process Expert Schneider Electric...
Jenkins Extended Choice Parameter Plugin cross-site scripting | CVE-2022-29038
NAME Jenkins Extended Choice Parameter Plugin cross-site scripting Platforms Affected:Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86cRisk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Extended...
MinIO privilege escalation | CVE-2022-24842
NAME MinIO privilege escalation Platforms Affected:MinIO MinIO RELEASE.2021-12-09T06-19-41ZRisk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION MinIO could allow a remote authenticated attacker to gain...
Microsoft Windows Kerberos code execution | CVE-2022-24545
NAME Microsoft Windows Kerberos code execution Platforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 10 1809 for...
Aethon TUG Home Base Server information disclosure | CVE-2022-26423
NAME Aethon TUG Home Base Server information disclosure Platforms Affected:Aethon TUG Home Base Server 23 Aethon TUG Home Base Server...
Citrix XenMobile Server code execution | CVE-2022-26151
NAME Citrix XenMobile Server code execution Platforms Affected:Citrix XenMobile Server 10.13.0 Citrix XenMobile Server 10.14.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Citrix XenMobile...
Johnson Controls Metasys information disclosure | CVE-2021-36205
NAME Johnson Controls Metasys information disclosure Platforms Affected:Johnson Controls Metasys 10 Johnson Controls Metasys 11Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Johnson Controls...
Delta Controls enteliTOUCH cross-site scripting |
NAME Delta Controls enteliTOUCH cross-site scripting Platforms Affected:Delta Controls enteliTOUCH 3.40.3935 Delta Controls enteliTOUCH 3.40.3706 Delta Controls enteliTOUCH 3.33.4005Risk Level:7.2Exploitability:HighConsequences:Cross-Site...
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family denial of service | CVE-2022-20682
NAME Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family denial of service Platforms Affected:Cisco Catalyst 9800 Series...
Vyper integer overflow | CVE-2022-24845
NAME Vyper integer overflow Platforms Affected:Vyper Vyper 0.3.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Vyper could allow a remote attacker to execute arbitrary...
Cisco IOS XE Software denial of service | CVE-2022-20678
NAME Cisco IOS XE Software denial of service Platforms Affected:Cisco IOS XE Software Cisco Cloud Services Router 1000V Series Cisco...
Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers denial of service | CVE-2022-20683
NAME Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers denial of service Platforms Affected:Cisco Catalyst 9800 Series...
Microsoft Windows Hyper-V Shared Virtual Hard Disks information disclosure | CVE-2022-24539
NAME Microsoft Windows Hyper-V Shared Virtual Hard Disks information disclosure Platforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft...
Jenkins Jira Plugin cross-site scripting | CVE-2022-29041
NAME Jenkins Jira Plugin cross-site scripting Platforms Affected:Jenkins Jira Plugin 3.7Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Jira Plugin is vulnerable to...
McAfee ePolicy Orchestrator extension for McAfee Agent SQL injection | CVE-2022-1258
NAME McAfee ePolicy Orchestrator extension for McAfee Agent SQL injection Platforms Affected:McAfee ePO Extension for McAfee Agent 4.0 McAfee ePO...
FLIPPED-AURORA Gin-vue-admin SQL injection | CVE-2022-24844
NAME FLIPPED-AURORA Gin-vue-admin SQL injection Platforms Affected:FLIPPED-AURORA Gin-vue-admin 2.5.0Risk Level:8.1Exploitability:HighConsequences:Data Manipulation DESCRIPTION FLIPPED-AURORA Gin-vue-admin is vulnerable to SQL injection. A...
Aethon TUG Home Base Server security bypass | CVE-2022-1066
NAME Aethon TUG Home Base Server security bypass Platforms Affected:Aethon TUG Home Base Server 23 Aethon TUG Home Base Server...
Microsoft Visual Studio code execution | CVE-2022-24765
NAME Microsoft Visual Studio code execution Platforms Affected:Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.1 Microsoft Visual Studio...
Jenkins Credentials Plugin cross-site scripting | CVE-2022-29036
NAME Jenkins Credentials Plugin cross-site scripting Platforms Affected:Jenkins Credentials Plugin 1111.v35a_307992395Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Credentials Plugin is vulnerable to...
