• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-20

CVE-2022-39313

February 23, 2023 by godfreyd94

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.17, and prior to 5.2.8 on the 5.x branch, crash when a file download request is received with an invalid byte range, resulting in a Denial of Service. This issue has been patched in versions 4.10.17, and 5.2.8. There are no known workarounds.

CVE-2022-39318

February 23, 2023 by godfreyd94

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch.

CVE-2022-39232

February 23, 2023 by godfreyd94

Discourse is an open source discussion platform. Starting with version 2.9.0.beta5 and prior to version 2.9.0.beta10, an incomplete quote can generate a JavaScript error which will crash the current page in the browser in some cases. Version 2.9.0.beta10 added a fix and tests to ensure incomplete quotes won’t break the app. As a workaround, the quote can be fixed via the rails console.

CVE-2022-39060

February 23, 2023 by godfreyd94

ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.

CVE-2022-38985

February 23, 2023 by godfreyd94

The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-39012

February 23, 2023 by godfreyd94

Huawei Aslan Children’s Watch has an improper input validation vulnerability. Successful exploitation may cause the watch’s application service abnormal.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 601
  • Go to page 602
  • Go to page 603
  • Go to page 604
  • Go to page 605
  • Interim pages omitted …
  • Go to page 681
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE