• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2022-38299

February 23, 2023 by godfreyd94

An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows attackers to connect disallowed hosts to the AWS/GCP internal metadata endpoint.

CVE-2022-38187

February 23, 2023 by godfreyd94

Prior to version 10.9.0, the sharing/rest/content/features/analyze endpoint is always accessible to anonymous users, which could allow an unauthenticated attacker to induce Esri Portal for ArcGIS to read arbitrary URLs.

CVE-2022-38150

February 23, 2023 by godfreyd94

In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1.

CVE-2022-38163

February 23, 2023 by godfreyd94

A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.

CVE-2022-38164

February 23, 2023 by godfreyd94

WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 3 of 5).

CVE-2022-38165

February 23, 2023 by godfreyd94

Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2010
  • Go to page 2011
  • Go to page 2012
  • Go to page 2013
  • Go to page 2014
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE