CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/02/05 8:53 p.m.•9 views

CVE-2022-28687

7.8CVSS6.8AI score0.00285EPSS

CNNVD•added 2024/12/27 12:0 a.m.•1 views

Kurmi Provisioning Suite 安全漏洞

Kurmi Provisioning Suite is an infrastructure management suite from Kurmi, Inc. A security vulnerability exists in Kurmi Provisioning Suite versions prior to 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15, which stems from a path traversal vulnerability in the DocServlet servlet...

7.5CVSS6.8AI score0.00294EPSS

NVD•added 2023/03/29 7:15 p.m.•11 views

CVE-2022-36970

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

NVD•added 2023/03/29 7:15 p.m.•13 views

CVE-2022-28686

Prion•added 2023/03/29 7:15 p.m.•15 views

Deserialization of untrusted data

4.4CVSS7.8AI score0.0401EPSS

Prion•added 2023/03/29 7:15 p.m.•18 views

Design/Logic Flaw

4.4CVSS7.8AI score0.00285EPSS

Prion•added 2023/03/29 7:15 p.m.•12 views

Design/Logic Flaw

4.4CVSS7.8AI score0.00285EPSS

Prion•added 2023/03/29 7:15 p.m.•14 views

Design/Logic Flaw

4.4CVSS7.8AI score0.00285EPSS

CVE•added 2023/03/29 12:0 a.m.•36 views

CVE-2022-36970

CVE-2022-36970 affects AVEVA Edge 20.0 Build 4201.2111.1802.0000 Service Pack 2. The flaw lies in the processing of APP files, where crafted APP data can cause the application to execute arbitrary Visual Basic scripts. User interaction is required (visiting a malicious page or opening a malicious...

Vulnrichment•added 2023/03/29 12:0 a.m.•9 views

CVE-2022-36970

Cvelist•added 2023/03/29 12:0 a.m.•17 views

CVE-2022-36970

7.8CVSS8AI score0.00285EPSS

Cvelist•added 2023/03/29 12:0 a.m.•20 views

CVE-2022-28687

7.8CVSS7.9AI score0.00285EPSS

OSV•added 2022/09/16 6:15 p.m.•1 views

CVE-2022-39008

The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps...

9.1CVSS5.8AI score

Zero Day Initiative•added 2022/08/23 12:0 a.m.•26 views

(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP...

7.8CVSS2.9AI score0.00285EPSS

Zero Day Initiative•added 2022/08/23 12:0 a.m.•31 views

(Pwn2Own) AVEVA Edge SetBytesToManagedControl Deserialization of Untrusted Data Remote Code Execution Vulnerability

7.8CVSS5.5AI score0.0401EPSS

Zero Day Initiative•added 2022/08/23 12:0 a.m.•53 views

(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability

7.8CVSS2.9AI score0.00285EPSS

Zero Day Initiative•added 2022/08/23 12:0 a.m.•35 views

(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability

7.8CVSS2.9AI score0.00285EPSS