• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-306

CVE-2022-3674

February 23, 2023 by godfreyd94

A vulnerability has been found in SourceCodester Sanitization Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. The attack can be launched remotely. The identifier VDB-212017 was assigned to this vulnerability.

CVE-2022-36604

February 23, 2023 by godfreyd94

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request.

CVE-2022-36619

February 23, 2023 by godfreyd94

In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC.

CVE-2022-36521

February 23, 2023 by godfreyd94

Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts.

CVE-2022-35865

February 23, 2023 by godfreyd94

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16709.

CVE-2022-35871

February 23, 2023 by godfreyd94

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within the authenticateAdSso method. The issue results from the lack of authentication prior to allowing the execution of python code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17206.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 110
  • Go to page 111
  • Go to page 112
  • Go to page 113
  • Go to page 114
  • Interim pages omitted …
  • Go to page 124
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE