Total
553 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-37146 | 1 Plextrac | 1 Plextrac | 2024-08-03 | 5.3 Medium |
| The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider take significantly longer than those for invalid users, allowing for valid users to be enumerated by an unauthenticated remote attacker. Note that the lockout policy implemented in Plextrac version 1.17.0 makes it impossible to distinguish between valid, locked user accounts and user accounts that do not exist, but does not prevent valid, unlocked users from being enumerated. | ||||
| CVE-2022-36885 | 2 Jenkins, Redhat | 2 Github, Openshift | 2024-08-03 | 5.3 Medium |
| Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature. | ||||
| CVE-2022-36105 | 1 Typo3 | 1 Typo3 | 2024-08-03 | 5.3 Medium |
| TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd party TYPO3 extensions providing a custom authentication service should check if the extension is affected by the described problem. Affected extensions must implement new `MimicServiceInterface::mimicAuthUser`, which simulates corresponding times regular processing would usually take. Update to TYPO3 version 7.6.58 ELTS, 8.7.48 ELTS, 9.5.37 ELTS, 10.4.32 or 11.5.16 that fix this problem. There are no known workarounds for this issue. | ||||
| CVE-2022-35888 | 1 Amperecomputing | 6 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 3 more | 2024-08-03 | 6.5 Medium |
| Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system. | ||||
| CVE-2022-34704 | 1 Microsoft | 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more | 2024-08-03 | 4.7 Medium |
| Windows Defender Credential Guard Information Disclosure Vulnerability | ||||
| CVE-2022-34174 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2024-08-03 | 7.5 High |
| In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm. | ||||
| CVE-2022-32425 | 1 Mealie | 1 Mealie | 2024-08-03 | 5.3 Medium |
| The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server's response time. | ||||
| CVE-2022-32273 | 1 Opswat | 1 Metadefender | 2024-08-03 | 4.3 Medium |
| As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server. | ||||
| CVE-2022-32218 | 1 Rocket.chat | 1 Rocket.chat | 2024-08-03 | 4.3 Medium |
| An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries. | ||||
| CVE-2022-31142 | 1 Fastify | 1 Bearer-auth | 2024-08-03 | 7.5 High |
| @fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth. | ||||
| CVE-2022-30332 | 1 Talend | 1 Administration Center | 2024-08-03 | 5.3 Medium |
| In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account. This allows remote attackers to enumerate accounts via a series of requests. | ||||
| CVE-2022-29185 | 1 Totp-rs Project | 1 Totp-rs | 2024-08-03 | 4.2 Medium |
| totp-rs is a Rust library that permits the creation of 2FA authentification tokens per time-based one-time password (TOTP). Prior to version 1.1.0, token comparison was not constant time, and could theorically be used to guess value of an TOTP token, and thus reuse it in the same time window. The attacker would have to know the password beforehand nonetheless. Starting with patched version 1.1.0, the library uses constant-time comparison. There are currently no known workarounds. | ||||
| CVE-2022-27814 | 1 Waycrate | 1 Swhkd | 2024-08-03 | 3.3 Low |
| SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option. | ||||
| CVE-2022-27221 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-08-03 | 5.9 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack. | ||||
| CVE-2022-26382 | 1 Mozilla | 1 Firefox | 2024-08-03 | 4.3 Medium |
| While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98. | ||||
| CVE-2022-25332 | 1 Ti | 2 Omap L138, Omap L138 Firmware | 2024-08-03 | 4.4 Medium |
| The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext inputs. Using this side channel, the SK_LOAD secure kernel routine can be used to recover the Customer Encryption Key (CEK). | ||||
| CVE-2022-24784 | 1 Statamic | 1 Statamic | 2024-08-03 | 3.7 Low |
| Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above. | ||||
| CVE-2022-24436 | 1 Intel | 1 * | 2024-08-03 | 6.5 Medium |
| Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. | ||||
| CVE-2022-24043 | 1 Siemens | 8 Desigo Dxr2, Desigo Dxr2 Firmware, Desigo Pxc3 and 5 more | 2024-08-03 | 5.3 Medium |
| A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The login functionality of the application fails to normalize the response times of login attempts performed with wrong usernames with the ones executed with correct usernames. A remote unauthenticated attacker could exploit this side-channel information to perform a username enumeration attack and identify valid usernames. | ||||
| CVE-2022-24032 | 1 Adenza | 1 Axiomsl Controllerview | 2024-08-03 | 5.3 Medium |
| Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can identify valid usernames on the platform because a failed login attempt produces a different error message when the username is valid. | ||||