• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-269

CVE-2022-43566

February 23, 2023 by godfreyd94

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards in the Analytics Workspace. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The attacker cannot exploit the vulnerability at will.

CVE-2022-43308

February 23, 2023 by godfreyd94

INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies.

CVE-2022-43138

February 23, 2023 by godfreyd94

Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.

CVE-2022-4314

February 23, 2023 by godfreyd94

Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2.

CVE-2022-4305

February 23, 2023 by godfreyd94

The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.

CVE-2022-42888

February 23, 2023 by godfreyd94

Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 136
  • Go to page 137
  • Go to page 138
  • Go to page 139
  • Go to page 140
  • Interim pages omitted …
  • Go to page 206
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE