Total: 22706 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-47634 | 1 Isode | 1 M-link | 2023-01-09 | N/A | 8.1 HIGH |
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867. | |||||
CVE-2022-31740 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-01-06 | N/A | 8.8 HIGH |
On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | |||||
CVE-2022-43848 | 1 Ibm | 2 Aix, Vios | 2023-01-06 | N/A | 6.2 MEDIUM |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169. | |||||
CVE-2019-19030 | 1 Linuxfoundation | 1 Harbor | 2023-01-05 | N/A | 5.3 MEDIUM |
Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists. | |||||
CVE-2021-4235 | 1 Yaml Project | 1 Yaml | 2023-01-05 | N/A | 5.5 MEDIUM |
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector. | |||||
CVE-2022-46740 | 1 Huawei | 2 Ws7100-20, Ws7100-20 Firmware | 2023-01-05 | N/A | 6.5 MEDIUM |
There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router. Successful exploit could cause a denial of service (DoS) condition. | |||||
CVE-2022-34674 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2023-01-05 | N/A | 6.8 MEDIUM |
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak. | |||||
CVE-2021-35951 | 1 Fastrack | 2 Reflex 2.0, Reflex 2.0 Firmware | 2023-01-05 | N/A | 7.5 HIGH |
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device. | |||||
CVE-2021-35952 | 1 Fastrack | 2 Reflex 2.0, Reflex 2.0 Firmware | 2023-01-05 | N/A | 5.3 MEDIUM |
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017. | |||||
CVE-2021-35953 | 1 Fastrack | 2 Reflex 2.0, Reflex 2.0 Firmware | 2023-01-05 | N/A | 7.5 HIGH |
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service (device outage) via crafted choices of the last three bytes of a characteristic value. | |||||
CVE-2019-18177 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2023-01-05 | N/A | 6.5 MEDIUM |
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update. | |||||
CVE-2019-14802 | 1 Hashicorp | 1 Nomad | 2023-01-05 | N/A | 5.3 MEDIUM |
HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/allocrunner/taskrunner/template. | |||||
CVE-2019-13988 | 1 Sierrawireless | 3 Airlink Mg90, Airlink Omg2000, Mgos | 2023-01-05 | N/A | 6.5 MEDIUM |
Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing). | |||||
CVE-2020-11101 | 1 Sierrawireless | 1 Airlink Mobility Manager | 2023-01-05 | N/A | 9.8 CRITICAL |
Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges. | |||||
CVE-2022-27775 | 4 Brocade, Debian, Haxx and 1 more | 16 Fabric Operating System, Debian Linux, Curl and 13 more | 2023-01-05 | 5.0 MEDIUM | 7.5 HIGH |
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0: when using an IPv6 address that was in the connection pool but with a different zone id, curl could reuse a connection instead. | |||||
CVE-2022-26969 | 1 Monospace | 1 Directus | 2023-01-05 | N/A | 9.8 CRITICAL |
In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true. | |||||
CVE-2021-43395 | 5 Illumos, Joyent, Omniosce and 2 more | 5 Illumos, Smartos, Omnios and 2 more | 2023-01-05 | N/A | 5.5 MEDIUM |
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 are also affected. | |||||
CVE-2018-16135 | 1 Opera | 1 Opera Mini | 2023-01-05 | N/A | 6.5 MEDIUM |
The Opera Mini application 47.1.2249.129326 for Android allows remote attackers to spoof the Location Permission dialog via a crafted web site. | |||||
CVE-2022-4719 | 1 Ikus-soft | 1 Rdiffweb | 2023-01-05 | N/A | 9.8 CRITICAL |
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. | |||||
CVE-2022-41767 | 1 Mediawiki | 1 Mediawiki | 2023-01-04 | N/A | 5.3 MEDIUM |
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. When changes made by an IP address are reassigned to a user (using reassignEdits.php), the changes will still be attributed to the IP address on Special:Contributions when doing a range lookup. |