Filter and search through 887 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2022-34713 | A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application. | 7.8 | 749 | Neutral | Yes |
| Yes |
| CVE-2022-32917 | Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with... | 7.8 | 857 | Neutral | Yes | Yes |
| CVE-2022-32894 | Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges. | 7.8 | 857 | Neutral | Yes | Yes |
| CVE-2022-32893 | Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web cont... | 8.8 | 970 | Neutral | Yes | Yes |
| CVE-2022-3236 | A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution. | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2022-3180 | The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers ... | 9.8 | 936 | Neutral | Yes | No |
| CVE-2022-31474 | Directory Traversal vulnerability in iThemes BackupBuddy plugin 8.5.8.0 - 8.7.4.1 versions. | 7.5 | 805 | Neutral | Yes | Yes |
| CVE-2022-3075 | Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, t... | 9.6 | 960 | Neutral | Yes | Yes |
| CVE-2022-30190 | A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who succe... | 7.8 | 891 | Viral | Yes | Yes |
| CVE-2022-29499 | The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation. | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2022-2856 | Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious we... | 6.5 | 592 | Neutral | Yes | Yes |
| CVE-2022-27593 | Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow a... | 9.1 | 950 | Neutral | Yes | Yes |
| CVE-2022-27518 | Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerab... | 9.8 | 885 | Neutral | Yes | Yes |
| CVE-2022-26925 | Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate ... | 5.9 | 580 | Neutral | Yes | Yes |
| CVE-2022-26871 | An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution. | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2022-26486 | Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution. | 9.6 | 999 | Neutral | Yes | Yes |
| CVE-2022-26485 | Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution. | 8.8 | 970 | Neutral | Yes | Yes |
| CVE-2022-26134 | Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence ... | 9.8 | 999 | Viral | Yes | Yes |
| CVE-2022-24682 | Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability in the Calendar feature that allows an attacker to execut... | 6.1 | 569 | Neutral | Yes | Yes |
| CVE-2022-24521 | Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation. | 7.8 | 857 | Neutral | Yes | Yes |