• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-639

CVE-2022-4802

February 23, 2023 by godfreyd94

Improper Authorization in GitHub repository usememos/memos prior to 0.9.1.

CVE-2022-4803

February 23, 2023 by godfreyd94

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

CVE-2022-4806

February 23, 2023 by godfreyd94

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

CVE-2022-4794

February 23, 2023 by godfreyd94

The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.

CVE-2022-46179

February 23, 2023 by godfreyd94

LiuOS is a small Python project meant to imitate the functions of a regular operating system. Version 0.1.0 and prior of LiuOS allow an attacker to set the GITHUB_ACTIONS environment variable to anything other than null or true and skip authentication checks. This issue is patched in the latest commit (c658b4f3e57258acf5f6207a90c2f2169698ae22) by requiring the var to be set to true, causing a test script to run instead of being able to login. A potential workaround is to check for the GITHUB_ACTIONS environment variable and set it to “” (no quotes) to null the variable and force credential checks.

CVE-2022-45927

February 23, 2023 by godfreyd94

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 31
  • Go to page 32
  • Go to page 33
  • Go to page 34
  • Go to page 35
  • Interim pages omitted …
  • Go to page 50
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE