Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-46356 | 1 Hp | 1 Security Manager | 2023-02-07 | N/A | 8.8 HIGH |
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. | |||||
CVE-2022-46359 | 1 Hp | 1 Security Manager | 2023-02-07 | N/A | 8.8 HIGH |
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. | |||||
CVE-2022-46358 | 1 Hp | 1 Security Manager | 2023-02-07 | N/A | 8.8 HIGH |
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. | |||||
CVE-2022-21129 | 1 Paypal | 1 Nemo-appium | 2023-02-07 | N/A | 9.8 CRITICAL |
Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function. **Note:** In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies. | |||||
CVE-2022-46621 | | | 2023-02-07 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
CVE-2022-46620 | | | 2023-02-07 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
CVE-2022-4441 | 1 Hitachi | 1 Storage Plug-in | 2023-02-07 | N/A | 8.8 HIGH |
Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1. | |||||
CVE-2022-4041 | 1 Hitachi | 1 Storage Plug-in | 2023-02-07 | N/A | 8.8 HIGH |
Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.1. | |||||
CVE-2022-44897 | 1 Apollotheme | 1 Ap Pagebuilder | 2023-02-07 | N/A | 6.1 MEDIUM |
A cross-site scripting (XSS) vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the show_number parameter. | |||||
CVE-2022-39061 | 1 Changingtec | 1 Megaservisignadapter | 2023-02-07 | N/A | 6.5 MEDIUM |
ChangingTech MegaServiSignAdapter component has an Out-of-bounds Read vulnerability due to insufficient validation of parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupt partial services. | |||||
CVE-2022-40258 | 1 Ami | 2 Megarac Spx-12, Megarac Spx-13 | 2023-02-07 | N/A | 5.3 MEDIUM |
AMI Megarac Weak password hashes for Redfish & API | |||||
CVE-2023-22900 | 1 Thinkingsoftware | 1 Efence | 2023-02-07 | N/A | 9.8 CRITICAL |
Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete the database. | |||||
CVE-2023-24623 | 1 Paranoidhttp Project | 1 Paranoidhttp | 2023-02-07 | N/A | 7.5 HIGH |
Paranoidhttp before 0.3.0 allows SSRF because [::] is equivalent to the 127.0.0.1 address, but does not match the filter for private addresses. | |||||
CVE-2023-23582 | 1 Snapav | 2 Wattbox Wb-300-ip-3, Wattbox Wb-300-ip-3 Firmware | 2023-02-07 | N/A | 9.8 CRITICAL |
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely. | |||||
CVE-2023-22389 | 1 Snapav | 2 Wattbox Wb-300-ip-3, Wattbox Wb-300-ip-3 Firmware | 2023-02-07 | N/A | 6.5 MEDIUM |
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore -> Backup Settings, which could be read by any user accessing the file. | |||||
CVE-2022-48175 | 1 Rukovoditel | 1 Rukovoditel | 2023-02-07 | N/A | 9.8 CRITICAL |
Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the component /rukovoditel/index.php?module=dashboard/ajax_request. | |||||
CVE-2023-24059 | 1 Rockstargames | 1 Grand Theft Auto V | 2023-02-07 | N/A | 7.3 HIGH |
Grand Theft Auto V for PC allows attackers to achieve partial remote code execution or modify files on a PC, as exploited in the wild in January 2023. | |||||
CVE-2022-32512 | 1 Schneider-electric | 1 Canbrass | 2023-02-06 | N/A | 7.8 HIGH |
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause remote code execution when a command which exploits this vulnerability is utilized. Affected Products: CanBRASS (Versions prior to V7.5.1) | |||||
CVE-2022-22732 | 1 Schneider-electric | 1 Ecostruxure Power Commission | 2023-02-06 | N/A | 7.5 HIGH |
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resources (data) supplied by the server when an attacker sends a fetch request from third-party site or malicious site. Affected Products: EcoStruxure Power Commission (Versions prior to V2.22) | |||||
CVE-2022-22731 | 1 Schneider-electric | 1 Ecostruxure Power Commission | 2023-02-06 | N/A | 9.8 CRITICAL |
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in a function that could allow an attacker to create or overwrite critical files that are used to execute code, such as programs or libraries and cause path traversal attacks. Affected Products: EcoStruxure Power Commission (Versions prior to V2.22) |