• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-863

CVE-2022-0720

February 23, 2023 by

The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other’s booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.

CVE-2022-0726

February 23, 2023 by

Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.

CVE-2022-0727

February 23, 2023 by

Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0.

CVE-2022-0732

February 23, 2023 by

The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability.

CVE-2022-0735

February 23, 2023 by

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands.

CVE-2022-0633

February 23, 2023 by

The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup’s nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 184
  • Go to page 185
  • Go to page 186
  • Go to page 187
  • Go to page 188
  • Interim pages omitted …
  • Go to page 192
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE