Total
3302 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44626 | 2024-08-03 | 6.3 Medium | ||
| Missing Authorization vulnerability in Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.1.20. | ||||
| CVE-2022-44422 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44437 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44439 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44438 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44424 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44423 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44434 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44421 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure. | ||||
| CVE-2022-44433 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 7.8 High |
| In phoneEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | ||||
| CVE-2022-44435 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 5.5 Medium |
| In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44009 | 1 Stackstorm | 1 Stackstorm | 2024-08-03 | 7.5 High |
| Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information. | ||||
| CVE-2022-43581 | 1 Ibm | 1 Content Navigator | 2024-08-03 | 7.5 High |
| IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805. | ||||
| CVE-2022-43453 | 1 Billminozzi | 1 Wp Tools | 2024-08-03 | 8.8 High |
| Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n/a through 3.41. | ||||
| CVE-2022-43421 | 1 Jenkins | 1 Tuleap Git Branch Source | 2024-08-03 | 5.3 Medium |
| A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value. | ||||
| CVE-2022-43431 | 1 Jenkins | 1 Compuware Strobe Measurement | 2024-08-03 | 4.3 Medium |
| Jenkins Compuware Strobe Measurement Plugin 1.0.1 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | ||||
| CVE-2022-43427 | 1 Jenkins | 1 Compuware Topaz For Total Test | 2024-08-03 | 4.3 Medium |
| Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | ||||
| CVE-2022-43417 | 1 Jenkins | 1 Katalon | 2024-08-03 | 4.3 Medium |
| Jenkins Katalon Plugin 1.0.32 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2022-43413 | 1 Jenkins | 1 Job Import | 2024-08-03 | 4.3 Medium |
| Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | ||||
| CVE-2022-42903 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2024-08-03 | 3.3 Low |
| Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list. | ||||