Total
51 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4171 | 1 Calibre-web Project | 1 Calibre-web | 2024-08-03 | 9.8 Critical |
| calibre-web is vulnerable to Business Logic Errors | ||||
| CVE-2021-4111 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2024-08-03 | 4.3 Medium |
| yetiforcecrm is vulnerable to Business Logic Errors | ||||
| CVE-2022-32207 | 7 Apple, Debian, Fedoraproject and 4 more | 21 Macos, Debian Linux, Fedora and 18 more | 2024-08-03 | 9.8 Critical |
| When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | ||||
| CVE-2022-32208 | 7 Apple, Debian, Fedoraproject and 4 more | 21 Macos, Debian Linux, Fedora and 18 more | 2024-08-03 | 5.9 Medium |
| When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | ||||
| CVE-2022-27782 | 4 Debian, Haxx, Redhat and 1 more | 4 Debian Linux, Curl, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. | ||||
| CVE-2022-4719 | 1 Ikus-soft | 1 Rdiffweb | 2024-08-03 | 9.8 Critical |
| Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. | ||||
| CVE-2022-3363 | 1 Ikus-soft | 1 Rdiffweb | 2024-08-03 | 9.8 Critical |
| Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7. | ||||
| CVE-2022-1848 | 1 Erudika | 1 Para | 2024-08-03 | 5.3 Medium |
| Business Logic Errors in GitHub repository erudika/para prior to 1.45.11. | ||||
| CVE-2022-1155 | 1 Snipeitapp | 1 Snipe-it | 2024-08-02 | 7.4 High |
| Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10. | ||||
| CVE-2022-0935 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-02 | 8.8 High |
| Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. | ||||
| CVE-2022-0746 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-08-02 | 4.3 Medium |
| Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0. | ||||
| CVE-2022-0689 | 1 Microweber | 1 Microweber | 2024-08-02 | 5.3 Medium |
| Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11. | ||||
| CVE-2022-0688 | 1 Microweber | 1 Microweber | 2024-08-02 | 4.9 Medium |
| Business Logic Errors in Packagist microweber/microweber prior to 1.2.11. | ||||
| CVE-2022-0514 | 1 Craterapp | 1 Crater | 2024-08-02 | 6.5 Medium |
| Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5. | ||||
| CVE-2022-0524 | 1 Publify Project | 1 Publify | 2024-08-02 | 7.5 High |
| Business Logic Errors in GitHub repository publify/publify prior to 9.2.7. | ||||
| CVE-2023-29294 | 1 Adobe | 2 Commerce, Magento | 2024-08-02 | 4.3 Medium |
| Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction. | ||||
| CVE-2023-7271 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-02 | 5.5 Medium |
| Privilege escalation vulnerability in the NMS module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-6832 | 1 Microweber | 1 Microweber | 2024-08-02 | 4.3 Medium |
| Business Logic Errors in GitHub repository microweber/microweber prior to 2.0. | ||||
| CVE-2023-6566 | 1 Microweber | 1 Microweber | 2024-08-02 | 6.5 Medium |
| Business Logic Errors in GitHub repository microweber/microweber prior to 2.0. | ||||
| CVE-2023-6514 | 1 Huawei | 2 Ajmd-370s, Ajmd-370s Firmware | 2024-08-02 | 8.8 High |
| The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions. Successful exploitation of this vulnerability may allow attackers to access restricted functions. | ||||