| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-28816 | Reflected XSS in Carlo Gavazzi UWP 3.0 | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Medium | 6.1 | 2022-09-28 13:45:37 | Deep Dive |
| CVE-2022-28815 | SQL-Injection in Carlo Gavazzi UWP 3.0 Sentilo Proxy | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Low | 2.7 | 2022-09-28 13:45:36 | Deep Dive |
| CVE-2022-28814 | Path traversal in Carlo Gavazzi UWP 3.0 could lead to full device access | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:35 | Deep Dive |
| CVE-2022-28812 | Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server. | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:33 | Deep Dive |
| CVE-2022-28811 | Possible command injection in Car Park Server in Carlo Gavazzi UWP3.0 | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:32 | Deep Dive |
| CVE-2022-22526 | Missing authentication for API in Carlo Gavazzi UWP 3.0 Car Park Server | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:31 | Deep Dive |
| CVE-2022-22525 | Command injection in restore function of Carlo Gavazzi UWP3.0 allows for command injection | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | High | 7.2 | 2022-09-28 13:45:30 | Deep Dive |
| CVE-2022-22524 | SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.4 | 2022-09-28 13:45:30 | Deep Dive |
| CVE-2022-22523 | Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | High | 7.5 | 2022-09-28 13:45:29 | Deep Dive |
| CVE-2022-22522 | Hard-coded credentials in Carlo Gavazzi UWP3.0 allows for authentication bypass and full control of the device | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:28 | Deep Dive |
| CVE-2022-28813 | SQL-injection in Car Park Server 3.0 allows for full database access. | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | High | 7.5 | 2022-09-28 00:00:00 | Deep Dive |
| CVE-2022-28886 | Denial-of-Service (DoS) Vulnerability | F-Secure and WithSecure | All F-Secure and WithSecure Endpoint Protection products for Windows running 32 bit operating system. F-Secure Linux Security 32 F-Secure Internet Gatekeeper | Medium | 4.3 | 2022-09-23 18:24:04 | Deep Dive |
| CVE-2022-3144 | Wordfence Security – Firewall & Malware Scan <= 7.6.0 - Authenticated (Admin+) Stored Cross-Site Scripting | mmaunder | Wordfence Security – Firewall, Malware Scan, and Login Security | Medium | 4.4 | 2022-09-23 13:54:18 | Deep Dive |
| CVE-2022-41236 | Jenkins Security Inspector Plugin 跨站请求伪造漏洞 | Jenkins project | Jenkins Security Inspector Plugin | 高危 | - | 2022-09-21 15:45:56 | Deep Dive |
| CVE-2022-40980 | Trend Micro Mobile Security for Enterprise 安全漏洞 | Trend Micro | Trend Micro Mobile Security for Enterprise | 超危 | - | 2022-09-19 18:01:07 | Deep Dive |
| CVE-2022-37348 | Trend Micro Security (Consumer) 缓冲区错误漏洞 | Trend Micro | Trend Micro Security (Consumer) | 中危 | - | 2022-09-19 18:00:59 | Deep Dive |
| CVE-2022-37347 | Trend Micro Security (Consumer) 缓冲区错误漏洞 | Trend Micro | Trend Micro Security (Consumer) | 中危 | - | 2022-09-19 18:00:58 | Deep Dive |
| CVE-2022-34893 | Trend Micro Security 后置链接漏洞 | Trend Micro | Trend Micro Security (Consumer) | 高危 | - | 2022-09-19 18:00:57 | Deep Dive |
| CVE-2022-39212 | Last video frame is still sent after video is disabled in a call in Nextcloud Talk | nextcloud | security-advisories | Medium | 4.3 | 2022-09-16 23:15:13 | Deep Dive |
| CVE-2022-39210 | Access to internal files of the Nextcloud Android app | nextcloud | security-advisories | Low | 3.2 | 2022-09-16 23:10:15 | Deep Dive |