Total
9894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1402 | 1 Moodle | 1 Moodle | 2024-11-21 | 4.3 Medium |
| The course participation report required additional checks to prevent roles being displayed which the user did not have access to view. | ||||
| CVE-2023-0658 | 1 Multilaser | 4 Re057, Re057 Firmware, Re170 and 1 more | 2024-11-21 | 5.3 Medium |
| A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2.2. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-220053 was assigned to this vulnerability. | ||||
| CVE-2023-0248 | 1 Johnsoncontrols | 2 Iosmart Gen 1, Iosmart Gen 1 Firmware | 2024-11-21 | 7.5 High |
| An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader. | ||||
| CVE-2023-0238 | 1 Cloudflare | 1 Warp | 2024-11-21 | 3.9 Low |
| Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app. | ||||
| CVE-2023-0113 | 1 Netis-systems | 2 Netcore Router, Netcore Router Firmware | 2024-11-21 | 5.3 Medium |
| A vulnerability was found in Netis Netcore Router up to 2.2.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-217591. | ||||
| CVE-2022-4869 | 1 Evolution-events | 1 Artaxerxes | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information disclosure. The attack can be initiated remotely. The patch is identified as 022111407d34815c16c6eada2de69ca34084dc0d. It is recommended to apply a patch to fix this issue. VDB-217438 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-4862 | 1 M-files | 1 M-files Server | 2024-11-21 | 5 Medium |
| Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3. | ||||
| CVE-2022-4228 | 1 Book Store Management System Project | 1 Book Store Management System | 2024-11-21 | 5.3 Medium |
| A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214587. | ||||
| CVE-2022-48520 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2022-48519 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2022-48516 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality. | ||||
| CVE-2022-48514 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.5 High |
| The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2022-48510 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.8 Critical |
| Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. | ||||
| CVE-2022-47892 | 1 Riello-ups | 2 Netman 204, Netman 204 Firmware | 2024-11-21 | 5.3 Medium |
| All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information, like credentials. | ||||
| CVE-2022-47597 | 1 Code-atlantic | 1 Popup Maker | 2024-11-21 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker – Popup for opt-ins, lead gen, & more.This issue affects Popup Maker – Popup for opt-ins, lead gen, & more: from n/a through 1.17.1. | ||||
| CVE-2022-47554 | 1 Ormazabal | 4 Ekorccp, Ekorccp Firmware, Ekorrci and 1 more | 2024-11-21 | 8.2 High |
| Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server. | ||||
| CVE-2022-46651 | 1 Apache | 1 Airflow | 2024-11-21 | 6.5 Medium |
| Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an unauthorized actor to gain access to sensitive information in Connection edit view. This vulnerability is considered low since it requires someone with access to Connection resources specifically updating the connection to exploit it. Users should upgrade to version 2.6.3 or later which has removed the vulnerability. | ||||
| CVE-2022-46646 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 2.2 Low |
| Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-45449 | 2024-11-21 | N/A | ||
| Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984. | ||||
| CVE-2022-45354 | 1 Wpchill | 1 Download Monitor | 2024-11-21 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60. | ||||