Latest CVE Feed
-
9.8
CRITICALCVE-2022-27586
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version <2.0.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. Th... Read more
- EPSS Score: %2.12
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
9.8
CRITICALCVE-2022-27584
Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in ... Read more
- EPSS Score: %1.88
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
9.8
CRITICALCVE-2022-27582
Password recovery vulnerability in SICK SIM4000 (PPC) Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase... Read more
Affected Products : sim2000_firmware sim2000st_firmware sim2500_firmware sim1012_firmware sim1004_firmware sim1000_fx_firmware sim4000_firmware sim2000 sim2000st sim2500 +4 more products- EPSS Score: %1.79
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
7.8
HIGHCVE-2022-26762
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges.... Read more
- EPSS Score: %0.14
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
8.8
HIGHCVE-2022-26730
A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution.... Read more
Affected Products : macos- EPSS Score: %0.64
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
8.8
HIGHCVE-2022-26719
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execut... Read more
- EPSS Score: %0.13
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
8.8
HIGHCVE-2022-26717
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lea... Read more
- EPSS Score: %0.44
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
8.8
HIGHCVE-2022-26716
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execut... Read more
- EPSS Score: %0.14
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
5.7
MEDIUMCVE-2022-23738
An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub E... Read more
Affected Products : enterprise_server- EPSS Score: %0.09
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
6.5
MEDIUMCVE-2022-22658
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 16.0.3. Processing a maliciously crafted email message may lead to a denial-of-service.... Read more
Affected Products : iphone_os- EPSS Score: %0.15
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
9.8
CRITICALCVE-2018-6333
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be c... Read more
Affected Products : nuclide- EPSS Score: %1.12
- Published: Dec. 31, 2018
- Modified: May. 06, 2025
-
7.5
HIGHCVE-2018-4942
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure.... Read more
Affected Products : coldfusion- EPSS Score: %0.90
- Published: May. 19, 2018
- Modified: May. 06, 2025
-
7.8
HIGHCVE-2018-4938
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.... Read more
Affected Products : coldfusion- EPSS Score: %0.20
- Published: May. 19, 2018
- Modified: May. 06, 2025
-
8.3
HIGHCVE-2018-2826
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to com... Read more
- EPSS Score: %3.00
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
8.3
HIGHCVE-2018-2825
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to com... Read more
- EPSS Score: %1.13
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
5.3
MEDIUMCVE-2018-2815
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable... Read more
- EPSS Score: %0.52
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
5.3
MEDIUMCVE-2018-2798
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerabi... Read more
- EPSS Score: %0.22
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
5.3
MEDIUMCVE-2018-2796
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerab... Read more
- EPSS Score: %0.52
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
3.1
LOWCVE-2018-2790
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthent... Read more
- EPSS Score: %0.27
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
7.5
HIGHCVE-2018-2627
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where... Read more
- EPSS Score: %0.37
- Published: Jan. 18, 2018
- Modified: May. 06, 2025