Total: 1115 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1983 | 1 Gitlab | 1 Gitlab | 2023-08-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even when IP address restrictions were configured. | |||||
| CVE-2023-23476 | 1 Ibm | 2 Robotic Process Automation, Robotic Process Automation For Cloud Pak | 2023-08-07 | N/A | 6.5 MEDIUM |
| IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnerable to unauthorized access to data due to insufficient authorization validation on some API routes. IBM X-Force ID: 245425. | |||||
| CVE-2023-36089 | 1 Dlink | 2 Dir-645, Dir-645 Firmware | 2023-08-04 | N/A | 9.8 CRITICAL |
| ** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-36090 | 1 Dlink | 2 Dir-885l, Dir-885l Firmware | 2023-08-04 | N/A | 9.8 CRITICAL |
| ** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-36092 | 1 Dlink | 2 Dir-859, Dir-859 Firmware | 2023-08-04 | N/A | 9.8 CRITICAL |
| ** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-36091 | 1 Dlink | 2 Dir-895l, Dir-895l Firmware | 2023-08-04 | N/A | 9.8 CRITICAL |
| ** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-3957 | 1 Navz | 1 Acf Photo Gallery Field | 2023-08-02 | N/A | 4.3 MEDIUM |
| The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apg_profile_update' function in versions up to, and including, 1.9. This makes it possible for authenticated attackers, with subscriber-level permissions or above, to update the user metas arbitrarily. The meta value can only be a string. | |||||
| CVE-2023-32629 | 1 Canonical | 1 Ubuntu Linux | 2023-08-02 | N/A | 7.8 HIGH |
| Local privilege escalation vulnerability in Ubuntu kernels: overlayfs ovl_copy_up_meta_inode_data skips permission checks when calling ovl_do_setxattr on Ubuntu kernels. | |||||
| CVE-2023-21719 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2023-36826 | 1 Sentry | 1 Sentry | 2023-08-02 | N/A | 6.5 MEDIUM |
| Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the organization or have permissions on the project. A patch was issued in version 23.5.2 to ensure authorization checks are properly scoped on requests to retrieve debug or artifact bundles. Authenticated users who do not have the necessary permissions on the particular project are no longer able to download them. Sentry SaaS users do not need to take any action. Self-Hosted Sentry users should upgrade to version 23.5.2 or higher. | |||||
| CVE-2022-0580 | 1 Librenms | 1 Librenms | 2023-08-02 | 6.5 MEDIUM | 8.8 HIGH |
| Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | |||||
| CVE-2022-0762 | 1 Microweber | 1 Microweber | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3. | |||||
| CVE-2022-1223 | 1 Phpipam | 1 Phpipam | 2023-08-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. | |||||
| CVE-2021-31165 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-02 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Manager Service Elevation of Privilege Vulnerability | |||||
| CVE-2023-38058 | 1 Otrs | 1 Otrs | 2023-08-01 | N/A | 4.3 MEDIUM |
| An improper privilege check in the OTRS ticket move action in the agent interface allows any attacker authenticated as an agent to perform a move of a ticket without the needed permission. This issue affects OTRS: from 8.0.X before 8.0.35. | |||||
| CVE-2023-39154 | 1 Jenkins | 1 Qualys Web App Scanning Connector | 2023-07-31 | N/A | 6.5 MEDIUM |
| Incorrect permission checks in Jenkins Qualys Web App Scanning Connector Plugin 2.0.10 and earlier allow attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2023-36339 | 1 Webboss | 1 Webboss.io Cms | 2023-07-28 | N/A | 7.5 HIGH |
| An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request. | |||||
| CVE-2023-3584 | 1 Mattermost | 1 Mattermost Server | 2023-07-27 | N/A | 3.1 LOW |
| Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team override scheme ID in the request, allowing an authenticated attacker with knowledge of a Team Override Scheme ID to create a new team with said team override scheme. | |||||
| CVE-2023-3582 | 1 Mattermost | 1 Mattermost Server | 2023-07-27 | N/A | 4.3 MEDIUM |
| Mattermost fails to verify channel membership when linking a board to a channel, allowing a low-privileged authenticated user to link a Board to a private channel they don't have access to. | |||||
| CVE-2023-3586 | 1 Mattermost | 1 Mattermost Server | 2023-07-27 | N/A | 5.4 MEDIUM |
| Mattermost fails to disable public Boards after the "Enable Publicly-Shared Boards" configuration option is disabled, resulting in previously-shared public Boards to remain accessible. | |||||
| CVE-2023-3590 | 1 Mattermost | 1 Mattermost Server | 2023-07-27 | N/A | 7.5 HIGH |
| Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments. | |||||
| CVE-2022-26563 | 1 Tildeslash | 1 Monit | 2023-07-27 | N/A | 8.8 HIGH |
| An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escalated privileges due to improper PAM-authorization. | |||||
| CVE-2023-3459 | 1 Webtoffee | 1 Import Export Wordpress Users | 2023-07-27 | N/A | 7.2 HIGH |
| The Export and Import Users and Customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hf_update_customer' function called via an AJAX action in versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with shop manager-level permissions to change user passwords and potentially take over administrator accounts. | |||||
| CVE-2023-34035 | 1 Vmware | 1 Spring Security | 2023-07-27 | N/A | 5.3 MEDIUM |
| Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (DispatcherServlet is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.) Specifically, an application is vulnerable when all of the following are true: * Spring MVC is on the classpath * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC’s DispatcherServlet) * The application uses requestMatchers(String) to refer to endpoints that are not Spring MVC endpoints An application is not vulnerable if any of the following is true: * The application does not have Spring MVC on the classpath * The application secures no servlets other than Spring MVC’s DispatcherServlet * The application uses requestMatchers(String) only for Spring MVC endpoints | |||||
| CVE-2023-3613 | 1 Mattermost | 1 Mattermost Server | 2023-07-26 | N/A | 3.5 LOW |
| Mattermost WelcomeBot plugin fails to validate the membership status when inviting or adding users to channels, allowing guest accounts to be added or invited to channels by default. | |||||
| CVE-2023-32482 | 1 Dell | 1 Wyse Management Suite | 2023-07-26 | N/A | 4.9 MEDIUM |
| Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group. | |||||
| CVE-2023-38493 | | | 2023-07-26 | N/A | N/A |
| Armeria is a microservice framework. Spring supports matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version 1.24.3, the Armeria decorators might not be invoked because of the matrix variables. If an attacker sends a specially crafted request, the request may bypass the authorizer. Version 1.24.3 contains a patch for this issue. | |||||
| CVE-2022-31168 | 1 Zulip | 1 Zulip | 2022-07-29 | N/A | 8.8 HIGH |
| Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who don’t own any bots, and lack permission to create them, can’t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots. | |||||
| CVE-2022-0594 | 1 Shareaholic | 1 Shareaholic | 2022-07-29 | N/A | 5.3 MEDIUM |
| The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have a proper authorisation check in one of its AJAX actions, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins and various versions such as PHP, cURL, WP etc. | |||||
| CVE-2022-1499 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 6.3 MEDIUM |
| Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | |||||
| CVE-2022-34046 | 1 Wavlink | 2 Wn533a8, Wn533a8 Firmware | 2022-07-27 | N/A | 7.5 HIGH |
| An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);]. | |||||
| CVE-2022-1309 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 9.6 CRITICAL |
| Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2022-1132 | 1 Google | 2 Chrome, Chrome Os | 2022-07-27 | N/A | 6.1 MEDIUM |
| Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device. | |||||
| CVE-2022-33198 | 1 Oxilab | 1 Accordions | 2022-07-26 | N/A | 5.3 MEDIUM |
| Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress. | |||||
| CVE-2022-34487 | 1 Oxilab | 1 Shortcode Addons | 2022-07-26 | N/A | 5.3 MEDIUM |
| Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress. | |||||
| CVE-2022-22978 | 1 Vmware | 1 Spring Security | 2022-07-25 | 7.5 HIGH | 9.8 CRITICAL |
| In Spring Security versions 5.5.6 and 5.6.3 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass | |||||
| CVE-2020-9492 | 1 Apache | 2 Hadoop, Solr | 2022-07-25 | 6.5 MEDIUM | 8.8 HIGH |
| In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. | |||||
| CVE-2021-22119 | 2 Oracle, Vmware | 2 Communications Cloud Native Core Policy, Spring Security | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session or multiple sessions. | |||||
| CVE-2021-34429 | 3 Eclipse, Netapp, Oracle | 14 Jetty, E-series Santricity Os Controller, E-series Santricity Web Services and 11 more | 2022-07-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5. | |||||
| CVE-2022-2108 | 1 Wbcomdesigns | 1 Buddypress Group Reviews | 2022-07-25 | N/A | 5.3 MEDIUM |
| The plugin Wbcom Designs – BuddyPress Group Reviews for WordPress is vulnerable to unauthorized settings changes and review modification due to missing capability checks and improper nonce checks in several functions related to said actions in versions up to, and including, 2.8.3. This makes it possible for unauthenticated attackers to modify reviews and plugin settings on the affected site. | |||||
| CVE-2021-43781 | 1 Inveniosoftware | 1 Invenio-drafts-resources | 2022-07-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default installation of InvenioRDM. An authenticated user is able, via REST API calls, to publish draft records of other users if they know the record identifier and the draft validates (e.g. all required fields filled out). An attacker is not able to modify the data in the record, and thus e.g. *cannot* change a record from restricted to public. The problem is patched in Invenio-Drafts-Resources v0.13.7 and 0.14.6, which is part of InvenioRDM v6.0.1 and InvenioRDM v7.0 respectively. | |||||
| CVE-2021-4194 | 1 Bookstackapp | 1 Bookstack | 2022-07-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| bookstack is vulnerable to Improper Access Control | |||||
| CVE-2022-36126 | 1 Inductiveautomation | 1 Ignition | 2022-07-22 | N/A | 7.2 HIGH |
| An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script. | |||||
| CVE-2022-31107 | 1 Grafana | 1 Grafana | 2022-07-22 | N/A | 7.5 HIGH |
| Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address. | |||||
| CVE-2022-31153 | 1 Openzeppelin | 1 Contracts | 2022-07-22 | N/A | 6.5 MEDIUM |
| OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet. Only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet's testing framework. This bug has been patched in v0.2.1. | |||||
| CVE-2022-26479 | 1 Poly | 2 Eagleeye Director Ii, Eagleeye Director Ii Firmware | 2022-07-22 | N/A | 9.8 CRITICAL |
| An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication. | |||||
| CVE-2021-28544 | 2 Apache, Debian | 2 Subversion, Debian Linux | 2022-07-22 | 3.5 LOW | 4.3 MEDIUM |
| Apache Subversion SVN authz protected copyfrom paths regression: Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact that the node was copied. Only the 'copyfrom' path is revealed; not its contents. Both httpd and svnserve servers are vulnerable. | |||||
| CVE-2022-35890 | 1 Inductiveautomation | 1 Ignition | 2022-07-21 | N/A | 9.8 CRITICAL |
| An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy. | |||||
| CVE-2017-10379 | 5 Debian, Mariadb, Netapp and 2 more | 17 Debian Linux, Mariadb, Active Iq Unified Manager and 14 more | 2022-07-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2022-1025 | 1 Linuxfoundation | 1 Argo-cd | 2022-07-19 | 9.0 HIGH | 8.8 HIGH |
| All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level. | |||||
