• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1406
2022-05-18
N/A
6.5 MEDIUM
Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project
CVE-2022-1405
Cncsoft, Deltaww
Asda_soft, Cncsoft, Cncsoft-b, Cncsoft_screeneditor, Cnssoft_screeneditor, Commgr, Dcisoft, Delta_industrial_automation_dopsoft, Delta_industrial_automation_pmsoft, Delta_industrial_automation_screen_editor
2022-09-05
N/A
7.8 HIGH
CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.
CVE-2022-1404
Cncsoft, Deltaww
Asda_soft, Cncsoft, Cncsoft-b, Cncsoft_screeneditor, Cnssoft_screeneditor, Commgr, Dcisoft, Delta_industrial_automation_dopsoft, Delta_industrial_automation_pmsoft, Delta_industrial_automation_screen_editor
2022-09-07
N/A
7.1 HIGH
Delta Electronics CNCSoft (All versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
CVE-2022-1403
Asda Soft, Deltaww
Asda_soft, Cncsoft, Cncsoft-b, Cncsoft_screeneditor, Cnssoft_screeneditor, Commgr, Dcisoft, Delta_industrial_automation_dopsoft, Delta_industrial_automation_pmsoft, Delta_industrial_automation_screen_editor
2022-05-10
N/A
7.8 HIGH
ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition.
CVE-2022-1402
Asda Soft, Deltaww
Asda_soft, Cncsoft, Cncsoft-b, Cncsoft_screeneditor, Cnssoft_screeneditor, Commgr, Dcisoft, Delta_industrial_automation_dopsoft, Delta_industrial_automation_pmsoft, Delta_industrial_automation_screen_editor
2022-05-10
N/A
7.1 HIGH
ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
CVE-2022-1401
2023-02-16
N/A
7.5 HIGH
Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions. This issue affects: Device42 CMDB versions prior to 18.01.00.
CVE-2022-1400
2022-08-18
N/A
9.8 CRITICAL
Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports, as used in the Device42 Asset Management Appliance, allows an attacker to leak session IDs and elevate privileges. This issue affects: Device42 CMDB versions prior to 18.01.00.
CVE-2022-1399
2022-08-18
N/A
9.1 CRITICAL
An Argument Injection or Modification vulnerability in the "Change Secret" username field as used in the Discovery component of Device42 CMDB allows a local attacker to run arbitrary code on the appliance with root privileges. This issue affects: Device42 CMDB version 18.01.00 and prior versions.
CVE-2022-1398
2022-05-24
N/A
6.5 MEDIUM
The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does to ensure that medias added via URLs are external medias, which could allow any authenticated users, such as subscriber to perform blind SSRF attacks
CVE-2022-1397
2022-05-16
N/A
8.8 HIGH
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover.
« Previous 1 … 10,960 10,961 10,962 10,963 10,964 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE