Updates July 2022

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Microsoft Windows107
Google Android104
Adobe Flash Player104
Mozilla Firefox95
Apple iOS93

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix2842
Temporary Fix0
Workaround60
Unavailable35
Not Defined1096

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High58
Functional1
Proof-of-Concept661
Unproven289
Not Defined3024

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base

≤10
≤21
≤313
≤4236
≤5457
≤6823
≤7873
≤81000
≤9380
≤10250

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤21
≤318
≤4268
≤5526
≤6953
≤7862
≤8855
≤9350
≤10200

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day

<1k538
<2k728
<5k830
<10k488
<25k752
<50k318
<100k303
≥100k76

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k2620
<2k505
<5k397
<10k245
<25k242
<50k24
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

UpdatedBaseTempVulnerabilityChangeExpRemCTICVE
07/31/20224.24.2Mealie Login timing discrepancy(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.14CVE-2022-32425
07/31/20227.57.5oretnom23 Product Show Room Site sql injection(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined1.13CVE-2022-32415
07/31/20224.34.3Mattermost Guest Account information disclosure(7): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_aiNot DefinedNot Defined0.00CVE-2022-2408
07/31/20224.54.5GtkRadiant q3map2 buffer overflow(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.03CVE-2022-32406
07/31/20225.95.9Isode SWIFT Registry Editor hard-coded credentials(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.00CVE-2022-32389
07/31/20227.67.5AutoTrace input-bmp.c ReadImage heap-based overflow(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.13CVE-2022-32323
07/31/20224.94.7MPlayer File vo_v4l2.c denial of service(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aProof-of-ConceptNot Defined1.78CVE-2022-32317
07/31/20225.55.5Toybox httpd.c null pointer dereference(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.04CVE-2022-32298
07/31/20226.96.8Piwigo Search sql injection(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.03CVE-2022-32297
07/31/20224.44.4Gradle Dependency Verification unknown vulnerability(10): vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix1.60CVE-2022-31156
07/31/20224.94.8AMD Ryzen/Athlon/EPYC Branch Predictor information disclosure(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.14CVE-2022-23825
07/31/20227.27.1AMD Ryzen/Athlon System Management Interface out-of-bounds(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.00CVE-2021-26384
07/31/20224.44.3AMD Ryzen Audio Co-Processor denial of service(10): vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix1.49CVE-2021-26382
07/31/20225.05.0Mattermost Legacy Slack Import resource consumption(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined1.47CVE-2022-2406
07/31/20227.67.5Portal do Software Publico Brasileiro i3geo HTTP Request codemirror.php file inclusion(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined1.72CVE-2022-32409
07/31/20224.94.8Linux Kernel eBPF bpf.c nsim_bpf_map_alloc information disclosure(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.07CVE-2021-4135
07/31/20224.84.7Portal do Software Publico Brasileiro i3geo request_token.php cross site scripting(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined1.60CVE-2022-34094
07/31/20224.84.7Portal do Software Publico Brasileiro i3geo access_token.php cross site scripting(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined1.66CVE-2022-34093
07/31/20224.84.7Portal do Software Publico Brasileiro i3geo svg2img.php cross site scripting(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.00CVE-2022-34092
07/31/20226.76.6oretnom23 Product Show Room Site sql injection(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.52CVE-2022-32416
07/31/20224.44.4oretnom23 Fast Food Ordering System cross site scripting(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.52CVE-2022-32318
07/31/20224.24.2IBM Security Verify Identity Manager information disclosure(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.00CVE-2022-22460
07/31/20225.45.4IBM Security Verify Identity Manager inadequate encryption(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.03CVE-2022-22453
07/31/20224.14.0IBM Security Verify Identity Manager HTTP Request unrestricted upload(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.03CVE-2022-22450
07/31/20225.55.5IBM Security Verify Identity Manager excessive authentication(21): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_cna, vulnerability_cvss3_cna_basescore, vulnerability_cvss3_cna_av, vulnerability_cvss3_cna_ac, vulnerability_cvss3_cna_pr, vulnerability_cvss3_cna_ui, vulnerability_cvss3_cna_s, vulnerability_cvss3_cna_c, vulnerability_cvss3_cna_i, vulnerability_cvss3_cna_aNot DefinedOfficial Fix0.68CVE-2022-22452
07/31/20228.07.9PbootCMS function.php parserIfLabel code injection(20): vulnerability_cwe, vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, exploit_price_0dayNot DefinedNot Defined0.11CVE-2022-32417
07/31/20228.07.6URVE Web Manager uploader.php unrestricted upload(11): vulnerability_cvss3_meta_tempscore, source_cve_cna, vulnerability_cvss3_cna_basescore, vulnerability_cvss3_cna_av, vulnerability_cvss3_cna_ac, vulnerability_cvss3_cna_pr, vulnerability_cvss3_cna_ui, vulnerability_cvss3_cna_s, vulnerability_cvss3_cna_c, vulnerability_cvss3_cna_i, vulnerability_cvss3_cna_aProof-of-ConceptNot Defined0.43CVE-2022-2420
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.31CVE-2022-28636
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.19CVE-2022-28635
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.04CVE-2022-28634
07/31/20228.88.4HPE iLO 5 Remote Code Execution(1): software_affectedlistNot DefinedOfficial Fix0.57CVE-2022-28633
07/31/20228.88.4HPE iLO 5 Remote Code Execution(1): software_affectedlistNot DefinedOfficial Fix0.23CVE-2022-28632
07/31/20228.88.4HPE iLO 5 Remote Code Execution(1): software_affectedlistNot DefinedOfficial Fix0.54CVE-2022-28631
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.11CVE-2022-28630
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.07CVE-2022-28629
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.25CVE-2022-28628
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.11CVE-2022-28627
07/31/20227.87.5HPE iLO 5 Local Privilege Escalation(1): software_affectedlistNot DefinedOfficial Fix0.66CVE-2022-28626
07/31/20228.07.6URVE Web Manager upload.php unrestricted upload(11): vulnerability_cvss3_meta_tempscore, source_cve_cna, vulnerability_cvss3_cna_basescore, vulnerability_cvss3_cna_av, vulnerability_cvss3_cna_ac, vulnerability_cvss3_cna_pr, vulnerability_cvss3_cna_ui, vulnerability_cvss3_cna_s, vulnerability_cvss3_cna_c, vulnerability_cvss3_cna_i, vulnerability_cvss3_cna_aProof-of-ConceptNot Defined0.10CVE-2022-2419
07/31/20228.07.6URVE Web Manager img_upload.php unrestricted upload(11): vulnerability_cvss3_meta_tempscore, source_cve_cna, vulnerability_cvss3_cna_basescore, vulnerability_cvss3_cna_av, vulnerability_cvss3_cna_ac, vulnerability_cvss3_cna_pr, vulnerability_cvss3_cna_ui, vulnerability_cvss3_cna_s, vulnerability_cvss3_cna_c, vulnerability_cvss3_cna_i, vulnerability_cvss3_cna_aProof-of-ConceptNot Defined0.12CVE-2022-2418
07/31/20227.07.0Sage 300 ERP Installer Runtime untrusted search path(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.03CVE-2021-45492
07/31/20227.37.3Node.js http Module request smuggling(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.06CVE-2022-32215
07/31/20227.37.3Node.js http Module request smuggling(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.04CVE-2022-32213
07/31/20226.86.7Node.js IsAllowedHost os command injection(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.12CVE-2022-32212
07/31/20226.16.1Dingtian DT-R002 2CH HTTP POST Request relay_cgi.cgi improper authentication(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.00CVE-2022-29593
07/31/20225.65.5pki-core Message Content improper authorization(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.03CVE-2022-2393
07/31/20227.37.3Node.js http Module request smuggling(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.03CVE-2022-32214
07/31/20227.57.5TP-LINK TL-WR841N httpd buffer overflow(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.04CVE-2022-30024
07/31/20224.94.8convert2rhel run-convert2rhel.yml information disclosure(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.00CVE-2022-1662
07/31/20226.96.9Undici.ProxyAgent certificate validation(11): vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedNot Defined0.00CVE-2022-32210

3983 more entries are not shown

Do you know our Splunk app?

Download it now for free!