Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-46679 | 1 Dell | 1 Emc Powerscale Onefs | 2023-02-08 | N/A | 7.5 HIGH |
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
CVE-2022-45098 | 1 Dell | 1 Emc Powerscale Onefs | 2023-02-08 | N/A | 5.5 MEDIUM |
Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure. | |||||
CVE-2022-45100 | 1 Dell | 1 Emc Powerscale Onefs | 2023-02-08 | N/A | 9.8 CRITICAL |
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system. | |||||
CVE-2022-45099 | 1 Dell | 1 Emc Powerscale Onefs | 2023-02-08 | N/A | 7.8 HIGH |
Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for an NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise. | |||||
CVE-2023-0608 | 1 Microweber | 1 Microweber | 2023-02-08 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2. | |||||
CVE-2023-0610 | 1 Wallabag | 1 Wallabag | 2023-02-08 | N/A | 4.3 MEDIUM |
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3. | |||||
CVE-2021-3958 | 1 Ipack | 1 Scada Automation | 2023-02-08 | 7.5 HIGH | 9.8 CRITICAL |
Improper Handling of Parameters vulnerability in Ipack Automation Systems Ipack SCADA Software allows Blind SQL Injection. This issue affects Ipack SCADA Software: from unspecified before 1.1.0. | |||||
CVE-2022-34885 | 1 Motorola | 2 Mr2600, Mr2600 Firmware | 2023-02-07 | N/A | 6.7 MEDIUM |
An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code. | |||||
CVE-2022-32747 | 1 Schneider-electric | 1 Ecostruxure Cybersecurity Admin Expert | 2023-02-07 | N/A | 7.1 HIGH |
A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxure™ Cybersecurity Admin Expert (CAE) (Versions prior to 2.2) | |||||
CVE-2023-20856 | 1 Vmware | 1 Vrealize Operations | 2023-02-07 | N/A | 8.8 HIGH |
VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user. | |||||
CVE-2022-47701 | 1 Comfast Project | 2 Cf-wr623n, Cf-wr623n Firmware | 2023-02-07 | N/A | 6.1 MEDIUM |
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS). | |||||
CVE-2022-47698 | 1 Comfast Project | 2 Cf-wr623n, Cf-wr623n Firmware | 2023-02-07 | N/A | 6.1 MEDIUM |
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS) via the URL filtering feature in the router. | |||||
CVE-2022-47697 | 1 Comfast Project | 2 Cf-wr623n, Cf-wr623n Firmware | 2023-02-07 | N/A | 9.8 CRITICAL |
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts. | |||||
CVE-2022-45435 | 1 Sailpoint | 1 Identityiq | 2023-02-07 | N/A | 6.5 MEDIUM |
IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6, and all prior versions allow authenticated users assigned the Identity Administrator capability or any custom capability that contains the SetIdentityForwarding right to modify the work item forwarding configuration for identities other than the ones that should be allowed by Lifecycle Manager Quicklink Population configuration. | |||||
CVE-2022-46835 | 1 Sailpoint | 1 Identityiq | 2023-02-07 | N/A | 7.5 HIGH |
IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow access to arbitrary files in the application server filesystem due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950. | |||||
CVE-2023-24829 | 1 Apache | 1 Iotdb | 2023-02-07 | N/A | 8.8 HIGH |
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB. This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards. | |||||
CVE-2022-48176 | 1 Netgear | 12 Mr60, Mr60 Firmware, Ms60 and 9 more | 2023-02-07 | N/A | 7.8 HIGH |
Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow. | |||||
CVE-2022-47873 | 1 Netcad | 1 Keos | 2023-02-07 | N/A | 9.8 CRITICAL |
Netcad KEOS 1.0 is vulnerable to XML External Entity (XXE) resulting in SSRF with XXE (remote). | |||||
CVE-2022-45494 | 1 Json.h Project | 1 Json.h | 2023-02-07 | N/A | 7.8 HIGH |
Buffer overflow vulnerability in function json_parse_object in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to execute arbitrary code and gain escalated privileges. | |||||
CVE-2022-45297 | 1 Eq Project | 1 Eq | 2023-02-07 | N/A | 9.8 CRITICAL |
EQ v1.5.31 to v2.2.0 was discovered to contain a SQL injection vulnerability via the UserPwd parameter. |