• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-552

CVE-2022-4108

February 23, 2023 by godfreyd94

The Wholesale Market for WooCommerce WordPress plugin before 1.0.8 does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to (for example in multisite)

CVE-2022-40126

February 23, 2023 by godfreyd94

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.

CVE-2022-39208

February 23, 2023 by godfreyd94

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. All files in the /opt/onedev/sites/ directory are exposed and can be read by unauthenticated users. This directory contains all projects, including their bare git repos and build artifacts. This file disclosure vulnerability can be used by unauthenticated attackers to leak all project files of any project. Since project IDs are incremental, an attacker could iterate through them and leak all project data. This issue has been resolved in version 7.3.0 and users are advised to upgrade. There are no known workarounds for this issue.

CVE-2022-37424

February 23, 2023 by godfreyd94

Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery.

CVE-2022-3691

February 23, 2023 by godfreyd94

The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive information (including the DeepL API key) in files that are publicly accessible to an external, unauthenticated visitor.

CVE-2022-36552

February 23, 2023 by godfreyd94

Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 19
  • Go to page 20
  • Go to page 21
  • Go to page 22
  • Go to page 23
  • Interim pages omitted …
  • Go to page 29
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE