• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-863

CVE-2022-30311

February 23, 2023 by godfreyd94

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-refresh-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

CVE-2022-3032

February 23, 2023 by godfreyd94

When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.

CVE-2022-3024

February 23, 2023 by godfreyd94

The Simple Bitcoin Faucets WordPress plugin through 1.7.0 does not have any authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscribers to call it and add/delete/edit Bonds. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues

CVE-2022-30164

February 23, 2023 by godfreyd94

Kerberos AppContainer Security Feature Bypass Vulnerability.

CVE-2022-30016

February 23, 2023 by godfreyd94

Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Access Control via http://localhost/rdms/admin/?page=system_info.

CVE-2022-29935

February 23, 2023 by godfreyd94

USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download. NOTE: this is not an Oracle Corporation product.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 146
  • Go to page 147
  • Go to page 148
  • Go to page 149
  • Go to page 150
  • Interim pages omitted …
  • Go to page 192
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE