Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46877 | 2 Debian, Mozilla | 2 Debian Linux, Firefox | 2023-02-20 | N/A | 4.3 MEDIUM |
| By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. | |||||
| CVE-2022-46871 | 2 Debian, Mozilla | 2 Debian Linux, Firefox | 2023-02-20 | N/A | 8.8 HIGH |
| An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. | |||||
| CVE-2023-25396 | 1 Caphyon | 1 Advanced Installer | 2023-02-18 | N/A | 7.8 HIGH |
| Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files. | |||||
| CVE-2022-31259 | 1 Beego | 1 Beego | 2023-02-17 | 6.8 MEDIUM | 9.8 CRITICAL |
| The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1). | |||||
| CVE-2023-23592 | 1 Wallix | 1 Bastion Access Manager | 2023-02-17 | N/A | 7.5 HIGH |
| WALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive information. | |||||
| CVE-2023-21419 | 1 Google | 1 Android | 2023-02-17 | N/A | 7.5 HIGH |
| An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition. | |||||
| CVE-2023-0575 | 4 Apple, Linux, Microsoft and 1 more | 5 Iphone Os, Macos, Linux Kernel and 2 more | 2023-02-17 | N/A | 9.8 CRITICAL |
| External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability is associated with program files backup.Py. This issue affects Yugabyte DB: Lesser then 2.2. | |||||
| CVE-2023-0751 | 1 Freebsd | 1 Freebsd | 2023-02-16 | N/A | 6.5 MEDIUM |
| When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file allowing trivial recovery of the master key. | |||||
| CVE-2022-30564 | 1 Dahuasecurity | 194 Ipc-hf5241f-ze, Ipc-hf5241f-ze Firmware, Ipc-hf5442f-ze and 191 more | 2023-02-16 | N/A | 5.3 MEDIUM |
| Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time. | |||||
| CVE-2023-24573 | 1 Dell | 1 Command \| Monitor | 2023-02-16 | N/A | 7.1 HIGH |
| Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | |||||
| CVE-2022-48257 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2023-02-16 | N/A | 5.3 MEDIUM |
| In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. | |||||
| CVE-2022-48258 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2023-02-16 | N/A | 5.3 MEDIUM |
| In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles. | |||||
| CVE-2022-45213 | 1 Perfsonar | 1 Perfsonar | 2023-02-16 | N/A | 5.3 MEDIUM |
| perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL. | |||||
| CVE-2022-48290 | 1 Huawei | 1 Harmonyos | 2023-02-16 | N/A | 9.1 CRITICAL |
| The phone-PC collaboration module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality and integrity. | |||||
| CVE-2023-24688 | 1 Mojoportal | 1 Mojoportal | 2023-02-16 | N/A | 5.3 MEDIUM |
| An issue in Mojoportal v2.7.0.0 allows an unauthenticated attacker to register a new user even if the Allow User Registrations feature is disabled. | |||||
| CVE-2022-45192 | 1 Microchip | 2 Rn4870, Rn4870 Firmware | 2023-02-16 | N/A | 6.5 MEDIUM |
| An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request. | |||||
| CVE-2018-7935 | 1 Huawei | 2 E5573cs-322, E5573cs-322 Firmware | 2023-02-16 | N/A | 5.3 MEDIUM |
| There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable. | |||||
| CVE-2023-0574 | 1 Yugabyte | 1 Yugabytedb Managed | 2023-02-16 | N/A | 9.8 CRITICAL |
| Server-Side Request Forgery (SSRF), Improperly Controlled Modification of Dynamically-Determined Object Attributes, Improper Restriction of Excessive Authentication Attempts vulnerability in YugaByte, Inc. Yugabyte Managed allows Accessing Functionality Not Properly Constrained by ACLs, Communication Channel Manipulation, Authentication Abuse.This issue affects Yugabyte Managed: from 2.0 through 2.13. | |||||
| CVE-2022-24990 | 1 Terra-master | 30 F2-210, F2-221, F2-223 and 27 more | 2023-02-16 | N/A | 7.5 HIGH |
| TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. | |||||
| CVE-2022-48287 | 1 Huawei | 2 Emui, Harmonyos | 2023-02-16 | N/A | 7.5 HIGH |
| The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity. | |||||