Total
1299 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-45172 | 1 Liveboxcloud | 1 Vdesk | 2023-02-08 | N/A | 9.8 CRITICAL |
An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the /api/v1/vdeskintegration/user/adduser endpoint, and the /api/v1/registration/changePasswordUser endpoint. The web application is affected by flaws in authorization logic, through which a malicious user (with no privileges) is able to perform privilege escalation to the administrator role, and steal the accounts of any users on the system. | |||||
CVE-2022-45435 | 1 Sailpoint | 1 Identityiq | 2023-02-07 | N/A | 6.5 MEDIUM |
IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6, and all prior versions allow authenticated users assigned the Identity Administrator capability or any custom capability that contains the SetIdentityForwarding right to modify the work item forwarding configuration for identities other than the ones that should be allowed by Lifecycle Manager Quicklink Population configuration. | |||||
CVE-2023-24829 | 1 Apache | 1 Iotdb | 2023-02-07 | N/A | 8.8 HIGH |
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards. | |||||
CVE-2022-48066 | 1 Totolink | 2 A830r, A830r Firmware | 2023-02-07 | N/A | 9.8 CRITICAL |
An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie. | |||||
CVE-2022-22978 | 3 Netapp, Oracle, Vmware | 3 Active Iq Unified Manager, Financial Services Crime And Compliance Management Studio, Spring Security | 2023-02-03 | 7.5 HIGH | 9.8 CRITICAL |
In Spring Security versions 5.5.6 and 5.6.3 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass | |||||
CVE-2022-43515 | 1 Zabbix | 1 Frontend | 2023-02-03 | N/A | 9.8 CRITICAL |
Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range. | |||||
CVE-2020-13300 | 1 Gitlab | 1 Gitlab | 2023-02-03 | 6.4 MEDIUM | 10.0 CRITICAL |
GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow. | |||||
CVE-2022-26501 | 1 Veeam | 1 Backup \& Replication | 2023-02-02 | 10.0 HIGH | 9.8 CRITICAL |
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). | |||||
CVE-2022-37767 | 1 Pebbletemplates | 1 Pebble Templates | 2023-02-02 | N/A | 9.8 CRITICAL |
** DISPUTED ** Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating engine is intended to include arbitrary Java code, and thus either the input should not arrive from an untrusted source, or else the application using the engine should apply restrictions to the input. The engine is not responsible for validating the input. | |||||
CVE-2023-22500 | 1 Glpi-project | 1 Glpi | 2023-02-01 | N/A | 7.5 HIGH |
GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6 are vulnerable to Incorrect Authorization. This vulnerability allow unauthorized access to inventory files. Thus, if anonymous access to FAQ is allowed, inventory files are accessbile by unauthenticated users. This issue is patched in version 10.0.6. As a workaround, disable native inventory and delete inventory files from server (default location is `files/_inventory`). | |||||
CVE-2022-40036 | 1 Blog-ssm Project | 1 Blog-ssm | 2023-02-01 | N/A | 6.5 MEDIUM |
An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component. | |||||
CVE-2022-3740 | 1 Gitlab | 1 Gitlab | 2023-02-01 | N/A | 4.9 MEDIUM |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries by using Deploy tokens or Deploy keys . | |||||
CVE-2023-21719 | 1 Microsoft | 1 Edge Chromium | 2023-02-01 | N/A | 6.5 MEDIUM |
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. | |||||
CVE-2023-20018 | 1 Cisco | 44 Ip Phone 7800, Ip Phone 7800 Firmware, Ip Phone 7811 and 41 more | 2023-01-31 | N/A | 6.5 MEDIUM |
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication. | |||||
CVE-2019-17190 | 1 Avast | 1 Secure Browser | 2023-01-31 | 7.2 HIGH | 7.8 HIGH |
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, the elevated process cleans the ACL of the Update.ini file in %PROGRAMDATA%\Avast Software\Browser\Update\ and sets all privileges to group Everyone. Because any low-privileged user can create, delete, or modify the Update.ini file stored in this location, an attacker with low privileges can create a hard link named Update.ini in this folder, and make it point to a file writable by NT AUTHORITY\SYSTEM. Once AvastBrowserUpdate.exe is triggered by the update check functionality, the DACL is set to a misconfigured value on the crafted Update.ini and, consequently, to the target file that was previously not writable by the low-privileged attacker. | |||||
CVE-2019-11724 | 2 Mozilla, Opensuse | 2 Firefox, Leap | 2023-01-31 | 5.8 MEDIUM | 6.1 MEDIUM |
Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox < 68. | |||||
CVE-2022-31595 | 1 Sap | 1 Adaptive Server Enterprise | 2023-01-30 | 6.5 MEDIUM | 8.8 HIGH |
SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | |||||
CVE-2022-40843 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2023-01-27 | N/A | 4.9 MEDIUM |
The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account. | |||||
CVE-2022-23739 | 1 Github | 1 Enterprise Server | 2023-01-24 | N/A | 9.8 CRITICAL |
An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. This vulnerability allowed an app installed on an organization to gain access to and modify most organization-level resources that are not tied to a repository regardless of granted permissions, such as users and organization-wide projects. Resources associated with repositories were not impacted, such as repository file content, repository-specific projects, issues, or pull requests. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.7.1 and was fixed in versions 3.3.16, 3.4.11, 3.5.8, 3.6.4, 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program. | |||||
CVE-2022-24778 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Imgcrypt | 2023-01-24 | 5.0 MEDIUM | 7.5 HIGH |
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function `CheckAuthorization` is supposed to check whether the current used is authorized to access an encrypted image and prevent the user from running an image that another user previously decrypted on the same system. In versions prior to 1.1.4, a failure occurs when an image with a ManifestList is used and the architecture of the local host is not the first one in the ManifestList. Only the first architecture in the list was tested, which may not have its layers available locally since it could not be run on the host architecture. Therefore, the verdict on unavailable layers was that the image could be run anticipating that image run failure would occur later due to the layers not being available. However, this verdict to allow the image to run enabled other architectures in the ManifestList to run an image without providing keys if that image had previously been decrypted. A patch has been applied to imgcrypt 1.1.4. Workarounds may include usage of different namespaces for each remote user. |