• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-200

CVE-2022-1901

February 23, 2023 by

In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview.

CVE-2022-1650

February 23, 2023 by

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository eventsource/eventsource prior to v2.0.2.

CVE-2022-1662

February 23, 2023 by

In convert2rhel, there’s an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this ansible playbook is only an example in the upstream repository and it is not shipped in officially supported versions of convert2rhel.

CVE-2022-1595

February 23, 2023 by

The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request

CVE-2022-1551

February 23, 2023 by

The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files, bad actors could use that to access other users’ sensitive files.

CVE-2022-1412

February 23, 2023 by

The Log WP_Mail WordPress plugin through 0.1 saves sent email in a publicly accessible directory using predictable filenames, allowing any unauthenticated visitor to obtain potentially sensitive information like generated passwords.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 339
  • Go to page 340
  • Go to page 341
  • Go to page 342
  • Go to page 343
  • Interim pages omitted …
  • Go to page 348
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE