• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-863

CVE-2022-33198

February 23, 2023 by godfreyd94

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari’s Accordions plugin <= 2.0.2 at WordPress.

CVE-2022-33174

February 23, 2023 by godfreyd94

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.

CVE-2022-32945

February 23, 2023 by godfreyd94

An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods.

CVE-2022-32854

February 23, 2023 by godfreyd94

This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.

CVE-2022-32532

February 23, 2023 by godfreyd94

Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.

CVE-2022-32294

February 23, 2023 by godfreyd94

** DISPUTED ** Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the “zmprove ca” command). It is visible in cleartext on port UDP 514 (aka the syslog port). NOTE: a third party reports that this cannot be reproduced.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 138
  • Go to page 139
  • Go to page 140
  • Go to page 141
  • Go to page 142
  • Interim pages omitted …
  • Go to page 192
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE