• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-732

CVE-2022-47927

February 23, 2023 by godfreyd94

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These files include credentials data.

CVE-2022-46792

February 23, 2023 by godfreyd94

Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Versions before 2.10.0 are unaffected.)

CVE-2022-4630

February 23, 2023 by godfreyd94

Sensitive Cookie Without ‘HttpOnly’ Flag in GitHub repository lirantal/daloradius prior to master.

CVE-2022-45301

February 23, 2023 by godfreyd94

Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the Authenticated Users group write privileges for the path C:toolsruby31 and all files located in that folder.

CVE-2022-45304

February 23, 2023 by godfreyd94

Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:toolsCmder and all files located in that folder.

CVE-2022-45305

February 23, 2023 by godfreyd94

Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the Authenticated Users group write privileges for the subfolder C:Python311 and all files located in that folder.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 120
  • Go to page 121
  • Go to page 122
  • Go to page 123
  • Go to page 124
  • Interim pages omitted …
  • Go to page 144
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE