Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2022-34765 5.5 MEDIUM EPSS 0.00

X80 advanced RTU Communication Module - Path Traversal

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

CWE-668 Jul 13, 2022

CVE-2022-32249 7.5 HIGH EPSS 0.00

SAP Business One - Exposure to Wrong Actor

Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit�s data volume to gain access to highly sensitive information (e.g., high privileged account credentials)

CWE-668 Jul 12, 2022

CVE-2022-29901 5.6 MEDIUM EPSS 0.00

Intel Core I7-6500u Firmware - Information Disclosure

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

CWE-200 Jul 12, 2022

CVE-2022-33700 2.0 LOW EPSS 0.00

TelephonyUI <SMR Jul-2022 Release 1 - Info Disclosure

Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

CWE-200 Jul 12, 2022

CVE-2022-33699 2.0 LOW EPSS 0.00

TelephonyUI <SMR Jul-2022 Release 1 - Info Disclosure

Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

CWE-200 Jul 12, 2022

CVE-2022-33698 3.3 LOW EPSS 0.00

Telecom <SMR Jul-2022 Release 1 - Info Disclosure

Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.

CWE-200 Jul 12, 2022

CVE-2022-33696 4.0 MEDIUM EPSS 0.00

Telephony service <SMR Jul-2022 Release 1 - Info Disclosure

Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.

CWE-213 Jul 12, 2022

CVE-2022-33694 4.0 MEDIUM EPSS 0.00

CSC <SMR Jul-2022 Release 1 - Info Disclosure

Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.

CWE-213 Jul 12, 2022

CVE-2022-33692 4.0 MEDIUM EPSS 0.00

Messaging app <SMR Jul-2022 Release 1 - Info Disclosure

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.

CWE-213 Jul 12, 2022

CVE-2022-34464 6.3 MEDIUM EPSS 0.00

SICAM GridEdge (Classic) < V2.7.3 - Code Injection

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that file.

CWE-552 Jul 12, 2022

CVE-2022-24139 7.8 HIGH EPSS 0.00

IOBit Advanced System Care 15 - Privilege Escalation

In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -> SYSTEM or from Local ADMIN-> Domain ADMIN depending on the user and named pipe that is used.

CWE-668 Jul 06, 2022

CVE-2021-46687 4.9 MEDIUM EPSS 0.00

JFrog Artifactory <7.31.10,6.23.38 - Info Disclosure

JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x.

CWE-359 Jul 06, 2022

CVE-2013-4561 9.1 CRITICAL 1 Writeup EPSS 0.00

OpenShift - Info Disclosure

In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.

CWE-377 Jun 30, 2022

CVE-2021-20551 3.3 LOW EPSS 0.00

IBM Jazz Team Server - Info Disclosure

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149.

CWE-668 Jun 24, 2022

CVE-2022-32530 4.8 MEDIUM EPSS 0.00

Schneider-electric Geo Scada Mobile < 2020 - Exposure to Wrong Actor

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile (Build 222 and prior)

CWE-668 Jun 24, 2022

CVE-2020-25459 7.5 HIGH 1 Writeup EPSS 0.00

Webank Federated AI Technology Enabler - Exposure to Wrong Actor

An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling.

CWE-668 Jun 16, 2022

CVE-2022-28226 7.8 HIGH EPSS 0.00

Yandex Browser < 22.3.3.801 - Exposure to Wrong Actor

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.

CWE-668 Jun 15, 2022

CVE-2022-31846 7.5 HIGH 1 Writeup NUCLEI EPSS 0.38

Wavlink Wn535g3 Firmware - Exposure to Wrong Actor

A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.

CWE-668 Jun 14, 2022

CVE-2022-31845 7.5 HIGH 1 Writeup NUCLEI EPSS 0.62

Wavlink Wn535g3 Firmware - Exposure to Wrong Actor

A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.

CWE-668 Jun 14, 2022

CVE-2022-29247 2.2 LOW EPSS 0.01

Electron <18.0.0-beta.6,17.2.0,16.2.6,15.5.5 - Privilege Escalation

Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with `nodeIntegrationInSubFrames` enabled which in turn allows effective access to `ipcRenderer`. The `nodeIntegrationInSubFrames` option does not implicitly grant Node.js access. Rather, it depends on the existing sandbox setting. If an application is sandboxed, then `nodeIntegrationInSubFrames` just gives access to the sandboxed renderer APIs, which include `ipcRenderer`. If the application then additionally exposes IPC messages without IPC `senderFrame` validation that perform privileged actions or return confidential data this access to `ipcRenderer` can in turn compromise your application / user even with the sandbox enabled. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. As a workaround, ensure that all IPC message handlers appropriately validate `senderFrame`.

CWE-668 Jun 13, 2022

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps