• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2022-32265

February 23, 2023 by godfreyd94

qDecoder before 12.1.0 does not ensure that the percent character is followed by two hex digits for URL decoding.

CVE-2022-32268

February 23, 2023 by godfreyd94

StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges.

CVE-2022-32278

February 23, 2023 by godfreyd94

XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.

CVE-2022-32283

February 23, 2023 by godfreyd94

Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Cabinet via unspecified vectors.

CVE-2022-3229

February 23, 2023 by godfreyd94

Because the web management interface for Unified Intents’ Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unified Remote protocol, and leverage this now-unauthenticated access to run code of the attacker’s choosing.

CVE-2022-32291

February 23, 2023 by godfreyd94

In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a RAM file.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2113
  • Go to page 2114
  • Go to page 2115
  • Go to page 2116
  • Go to page 2117
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE