• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2022-25832

February 23, 2023 by godfreyd94

Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication.

CVE-2022-25833

February 23, 2023 by godfreyd94

Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.

CVE-2022-2572

February 23, 2023 by godfreyd94

In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were still valid after the access was revoked.

CVE-2022-25626

February 23, 2023 by godfreyd94

An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.

CVE-2022-25640

February 23, 2023 by godfreyd94

In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate.

CVE-2022-25652

February 23, 2023 by godfreyd94

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 263
  • Go to page 264
  • Go to page 265
  • Go to page 266
  • Go to page 267
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE