Total
8699 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-0553 | 1 Zephyrproject | 1 Zephyr | 2024-08-02 | 6.5 Medium |
There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily. | ||||
CVE-2022-0494 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-08-02 | 4.4 Medium |
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. | ||||
CVE-2022-0577 | 2 Debian, Scrapy | 2 Debian Linux, Scrapy | 2024-08-02 | 6.5 Medium |
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1. | ||||
CVE-2022-0536 | 2 Follow-redirects Project, Redhat | 7 Follow-redirects, Acm, Openshift Data Foundation and 4 more | 2024-08-02 | 2.6 Low |
Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8. | ||||
CVE-2022-0516 | 5 Debian, Fedoraproject, Linux and 2 more | 32 Debian Linux, Fedora, Linux Kernel and 29 more | 2024-08-02 | 7.8 High |
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4. | ||||
CVE-2022-0430 | 1 Httpie | 1 Httpie | 2024-08-02 | 5.3 Medium |
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0. | ||||
CVE-2022-0355 | 1 Simple-get Project | 1 Simple-get | 2024-08-02 | 8.8 High |
Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. | ||||
CVE-2022-0384 | 1 Imdpen | 1 Video Conferencing With Zoom | 2024-08-02 | 4.3 Medium |
The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog | ||||
CVE-2022-0281 | 1 Microweber | 1 Microweber | 2024-08-02 | 7.5 High |
Exposure of Sensitive Information to an Unauthorized Actor in Packagist microweber/microweber prior to 1.2.11. | ||||
CVE-2022-0235 | 4 Debian, Node-fetch Project, Redhat and 1 more | 14 Debian Linux, Node-fetch, Acm and 11 more | 2024-08-02 | 6.1 Medium |
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | ||||
CVE-2023-50872 | 2024-08-02 | 7.5 High | ||
The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions "Vendor says that it's not a security issue." | ||||
CVE-2023-52341 | 2024-08-02 | 7.5 High | ||
In Plaintext COUNTER CHECK message accepted before AS security activation, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed | ||||
CVE-2023-52238 | 2024-08-02 | 4.3 Medium | ||
A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0). The web server of the affected systems leaks the MACSEC key in clear text to a logged in user. An attacker with the credentials of a low privileged user could retrieve the MACSEC key and access (decrypt) the ethernet frames sent by authorized recipients. | ||||
CVE-2023-52234 | 2024-08-02 | 6.5 Medium | ||
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2. | ||||
CVE-2023-52208 | 1 Constantcontact | 1 Constant Contact Forms | 2024-08-02 | 5.3 Medium |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2. | ||||
CVE-2023-52190 | 1 Wpswings | 1 Coupon Referral Program | 2024-08-02 | 7.5 High |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. | ||||
CVE-2023-52187 | 1 Imagesourcecontrol | 1 Image Source Control | 2024-08-02 | 5.3 Medium |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite – Show Image Credits and Captions.This issue affects Image Source Control Lite – Show Image Credits and Captions: from n/a through 2.17.0. | ||||
CVE-2023-52151 | 1 Uncannyowl | 1 Uncanny Automator | 2024-08-02 | 5.3 Medium |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Uncanny Automator, Uncanny Owl Uncanny Automator – Automate everything with the #1 no-code automation and integration plugin.This issue affects Uncanny Automator – Automate everything with the #1 no-code automation and integration plugin: from n/a through 5.1.0.2. | ||||
CVE-2023-52148 | 1 Wpaffiliatemanager | 1 Affiliates Manager | 2024-08-02 | 5.3 Medium |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager.This issue affects Affiliates Manager: from n/a through 2.9.30. | ||||
CVE-2023-52126 | 1 Sumanbhattarai | 1 Send Users Email | 2024-08-02 | 5.3 Medium |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Suman Bhattarai Send Users Email.This issue affects Send Users Email: from n/a through 1.4.3. |