| CVE | Vendors | Products | Updated | CVSS v3.1 |
| An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature." |
| A cross-site scripting (XSS) vulnerability in the /admin/article_category.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter. |
| Alotcer - AR7088H-A firmware version 16.10.3 Command execution. Improper validation of an unspecified input field may allow authenticated command execution. |
| An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL. |
| EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has misconfigured permissions. |
| EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented hard-coded privileged user. |
| EXFO - BV-10 Performance Endpoint Unit authentication bypass. User can manually manipulate access, enabling authentication bypass. |
| H C Mingham-Smith Ltd - Tardis 2000 Privilege escalation. Version 1.6 is vulnerable to privilege escalation which may allow a malicious actor to gain system privileges. |
| Windows CryptoAPI Denial of Service Vulnerability |
| Kirby CMS v4.1.0 was discovered to contain a reflected self-XSS vulnerability via the URL parameter. |
| Windows CryptoAPI Denial of Service Vulnerability |
| NTFS Elevation of Privilege Vulnerability |
| Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message contains the default administrator user name. |
| Windows Group Policy Elevation of Privilege Vulnerability |
| Windows GDI Elevation of Privilege Vulnerability |
| GDI Elevation of Privilege Vulnerability |
| Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors. |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). Affected by this issue is some unknown functionality of the file /default.cfg. The manipulation of the argument these leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |