CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

NVD•added 2023/02/22 9:15 p.m.•18 views

CVE-2023-22972

A Reflected Cross-site scripting XSS vulnerability in interface/forms/eyemag/php/eyemagfunctions.php in OpenEMR 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUESTURI...

5.4CVSS5.1AI score0.00326EPSS

Exploits0References1

CVE•added 2023/02/22 12:0 a.m.•40 views

CVE-2023-22972

CVE-2023-22972 is a reflected XSS in OpenEMR prior to 7.0.0, located in interface/forms/eye_mag/php/eye_mag_functions.php. The vulnerability allows remote authenticated users to inject arbitrary script/HTML via the REQUEST_URI. Impact is limited to the affected module; exploitation details are no...

5.4CVSS5AI score0.00326EPSS

Exploits0References1Affected Software1

Check Point Advisories•added 2022/05/29 12:0 a.m.•10 views

VMware Authentication Bypass (CVE-2022-22972)

An authentication bypass vulnerability exists in VMware. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

7.5CVSS5.9AI score0.93677EPSS

Exploits3

GithubExploit•added 2022/05/28 8:56 p.m.•281 views

Exploit for CVE-2022-22972

CVE-2022-22972 vmware authentication bypass -host stri...

9.8CVSS9.8AI score0.93677EPSS

Exploits3

CVE•added 2022/05/20 8:18 p.m.•290 views

CVE-2022-22972

CVE-2022-22972 is an authentication bypass affecting VMware Workspace ONE Access, Identity Manager, and vRealize Automation. A malicious actor with network access to the UI could obtain administrative access without authentication. Public materials (CVEs, vendor advisories) confirm affected produ...

9.8CVSS9.1AI score0.93677EPSS

In wildExploits3References1Affected Software3

Hive Pro Threat Advisories•added 2022/05/19 2:34 p.m.•68 views

Vulnerabilities in VMware when chained together grants Full System Control

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary The Cybersecurity and Infrastructure Security Agency CISA has issued a warning to organizations about malicious actors using CVE-2022-22954 and CVE-2022-22960. This alert was published following the...

10CVSS1.2AI score0.94444EPSS

Exploits33

Rapid7 Blog•added 2022/05/19 1:54 p.m.•286 views

CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation

On May 18, 2022, VMware published VMSA-2022-0014 on CVE-2022-22972 and CVE-2022-22973. The more severe of the two vulnerabilities is CVE-2022-22972, a critical authentication bypass affecting VMware’s Workspace ONE Access, Identity Manager, and vRealize Automation solutions. The vulnerability...

10CVSS0.6AI score0.94444EPSS

Exploits33

Tenable Nessus•added 2022/05/18 12:0 a.m.•93 views

VMware Workspace One Access / VMware Identity Manager Authentication Bypass (Direct Check) (CVE-2022-22972)

The VMware Workspace One Access formerly VMware Identity Manager application running on the remote host is affected by an authentication bypass vulnerability affecting local domain users. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

9.8CVSS8.7AI score0.93677EPSS

Exploits3References5

VulnCheck KEV•added 2021/08/12 12:0 a.m.•1 views

VulnCheck KEV: CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.8CVSS7.4AI score0.93677EPSS

Exploits3References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by