• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2022-30408

February 23, 2023 by godfreyd94

Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img.

CVE-2022-3027

February 23, 2023 by godfreyd94

The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write arbitrary files or display incorrect information.

CVE-2022-30286

February 23, 2023 by godfreyd94

pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code.

CVE-2022-30288

February 23, 2023 by godfreyd94

** DISPUTED ** Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the server’s responsibility to “enforce all the various ways a developer could write code with logic errors.”

CVE-2022-30295

February 23, 2023 by godfreyd94

uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2.

CVE-2022-30321

February 23, 2023 by godfreyd94

go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2130
  • Go to page 2131
  • Go to page 2132
  • Go to page 2133
  • Go to page 2134
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE