Search
Total
404 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36710 | 1 Toaruos | 1 Toaruos | 2023-08-08 | 7.2 HIGH | 8.8 HIGH |
| ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0. | |||||
| CVE-2022-26850 | 1 Apache | 1 Nifi | 2023-08-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| When creating or updating credentials for single-user access, Apache NiFi wrote a copy of the Login Identity Providers configuration to the operating system temporary directory. On most platforms, the operating system temporary directory has global read permissions. NiFi immediately moved the temporary file to the final configuration directory, which significantly limited the window of opportunity for access. NiFi 1.16.0 includes updates to replace the Login Identity Providers configuration without writing a file to the operating system temporary directory. | |||||
| CVE-2021-41989 | 1 Qlik | 1 Qlikview | 2023-08-08 | N/A | 7.8 HIGH |
| Qlik QlikView through 12.60.20100.0 creates a Temporary File in a Directory with Insecure Permissions. | |||||
| CVE-2021-41988 | 1 Qlik | 1 Nprinting Designer | 2023-08-08 | N/A | 7.8 HIGH |
| Qlik NPrinting Designer through 21.14.3.0 creates a Temporary File in a Directory with Insecure Permissions. | |||||
| CVE-2021-42714 | 2 Microsoft, Splashtop | 2 Windows, Splashtop | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Splashtop Remote Client (Business Edition) through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions. | |||||
| CVE-2021-39971 | 1 Huawei | 1 Harmonyos | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | |||||
| CVE-2021-37112 | 1 Huawei | 1 Harmonyos | 2023-08-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak. | |||||
| CVE-2022-45918 | 1 Ilias | 1 Ilias | 2023-08-08 | N/A | 6.5 MEDIUM |
| ILIAS before 7.16 allows External Control of File Name or Path. | |||||
| CVE-2021-42713 | 2 Microsoft, Splashtop | 2 Windows, Splashtop | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Splashtop Remote Client (Personal Edition) through 3.4.6.1 creates a Temporary File in a Directory with Insecure Permissions. | |||||
| CVE-2022-39952 | 1 Fortinet | 1 Fortinac | 2023-08-08 | N/A | 9.8 CRITICAL |
| A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request. | |||||
| CVE-2023-38955 | 1 Zkteco | 1 Bioaccess Ivs | 2023-08-07 | N/A | 7.5 HIGH |
| ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names. | |||||
| CVE-2023-33368 | 1 Assaabloy | 1 Control Id Idsecure | 2023-08-04 | N/A | 6.5 MEDIUM |
| Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes. | |||||
| CVE-2023-3670 | 1 Codesys | 2 Development System, Scripting | 2023-08-03 | N/A | 7.3 HIGH |
| In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users. | |||||
| CVE-2023-34189 | 1 Apache | 1 Inlong | 2023-08-02 | N/A | 6.5 MEDIUM |
| Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it. | |||||
| CVE-2023-39155 | 1 Jenkins | 1 Chef Identity | 2023-08-01 | N/A | 5.3 MEDIUM |
| Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it. | |||||
| CVE-2022-46901 | 1 Vocera | 2 Report Server, Voice Server | 2023-08-01 | N/A | 7.5 HIGH |
| An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database. | |||||
| CVE-2023-37645 | 1 Eyoucms | 1 Eyoucms | 2023-07-27 | N/A | 5.3 MEDIUM |
| eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt. | |||||
| CVE-2023-3299 | 1 Hashicorp | 1 Nomad | 2023-07-27 | N/A | 2.7 LOW |
| HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11. | |||||
| CVE-2023-32759 | 1 Archerirm | 1 Archer | 2023-07-27 | N/A | 6.5 MEDIUM |
| An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL. | |||||
| CVE-2023-37599 | 1 Issabel | 1 Pbx | 2023-07-27 | N/A | 7.5 HIGH |
| An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory | |||||
| CVE-2023-32760 | 1 Archerirm | 1 Archer | 2023-07-27 | N/A | 6.5 MEDIUM |
| An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication. | |||||
| CVE-2023-23501 | 1 Apple | 1 Macos | 2023-07-27 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory. | |||||
| CVE-2023-32394 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 2.4 LOW |
| The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. A person with physical access to a device may be able to view contact information from the lock screen. | |||||
| CVE-2021-28168 | 2 Eclipse, Oracle | 3 Jersey, Communications Cloud Native Core Policy, Communications Cloud Native Core Unified Data Repository | 2022-07-29 | 2.1 LOW | 5.5 MEDIUM |
| Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents of this file are viewable by all other users locally on the system. As such, if the contents written is security sensitive, it can be disclosed to other local users. | |||||
| CVE-2022-1488 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. | |||||
| CVE-2022-1501 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-1498 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-1637 | 1 Google | 2 Android, Chrome | 2022-07-28 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-34047 | 1 Wavlink | 2 Wl-wn530hg4, Wl-wn530hg4 Firmware | 2022-07-27 | N/A | 7.5 HIGH |
| An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd]. | |||||
| CVE-2022-29901 | 3 Fedoraproject, Intel, Xen | 252 Fedora, Core I3-6100, Core I3-6100 Firmware and 249 more | 2022-07-27 | 1.9 LOW | 6.5 MEDIUM |
| Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. | |||||
| CVE-2022-1137 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page. | |||||
| CVE-2018-20237 | 1 Atlassian | 2 Confluence Data Center, Confluence Server | 2022-07-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature. | |||||
| CVE-2022-24823 | 1 Netty | 1 Netty | 2022-07-25 | 1.9 LOW | 5.5 MEDIUM |
| Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. | |||||
| CVE-2022-23825 | 3 Amd, Debian, Fedoraproject | 248 A10-9600p, A10-9600p Firmware, A10-9630p and 245 more | 2022-07-25 | 2.1 LOW | 6.5 MEDIUM |
| Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | |||||
| CVE-2022-2408 | 1 Mattermost | 1 Mattermost | 2022-07-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Guest account feature in Mattermost version 6.7.0 and earlier fails to properly restrict the permissions, which allows a guest user to fetch a list of all public channels in the team, in spite of not being part of those channels. | |||||
| CVE-2021-4180 | 2 Openstack, Redhat | 2 Tripleo Heat Templates, Openstack | 2022-07-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1. | |||||
| CVE-2022-34765 | 1 Schneider-electric | 4 Opc Ua Module For M580, Opc Ua Module For M580 Firmware, X80 Advanced Rtu Module and 1 more | 2022-07-21 | N/A | 5.3 MEDIUM |
| A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | |||||
| CVE-2022-32249 | 1 Sap | 1 Business One | 2022-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privileged account credentials) | |||||
| CVE-2022-34464 | 1 Siemens | 4 Sicam Gridedge Essential Arm, Sicam Gridedge Essential Gds Arm, Sicam Gridedge Essential Gds Intel and 1 more | 2022-07-19 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs, are able to inject a custom SSH key to that file. | |||||
| CVE-2022-33694 | 1 Google | 1 Android | 2022-07-15 | 2.1 LOW | 3.3 LOW |
| Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. | |||||
| CVE-2022-24139 | 1 Iobit | 1 Advanced System Care | 2022-07-15 | 7.2 HIGH | 7.8 HIGH |
| In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -> SYSTEM or from Local ADMIN-> Domain ADMIN depending on the user and named pipe that is used. | |||||
| CVE-2021-46687 | 1 Jfrog | 1 Artifactory | 2022-07-13 | 6.8 MEDIUM | 4.9 MEDIUM |
| JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x. | |||||
| CVE-2021-0542 | 1 Google | 1 Android | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| In updateNotification of BeamTransferManager.java, there is a missing permission check. This could lead to local information disclosure of paired Bluetooth addresses with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168712890 | |||||
| CVE-2021-40639 | 1 Jflyfox | 1 Jfinal Cms | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js. | |||||
| CVE-2021-45420 | 1 Emerson | 2 Dixell Xweb-500, Dixell Xweb-500 Firmware | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
| ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced. | |||||
| CVE-2021-28488 | 1 Ericsson | 1 Network Manager | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group). | |||||
| CVE-2021-43893 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-07-12 | 6.0 MEDIUM | 7.5 HIGH |
| Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | |||||
| CVE-2021-43066 | 1 Fortinet | 1 Forticlient | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer. | |||||
| CVE-2021-22009 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service. | |||||
| CVE-2021-34539 | 1 Cubecoders | 1 Amp | 2022-07-12 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution. | |||||