Total
336 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-2793 | 1 Emerson | 1 Electric\'s Proficy | 2023-12-10 | N/A | 7.8 HIGH |
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol. | |||||
CVE-2022-30262 | 1 Emerson | 4 Controlwave Micro, Controlwave Micro Firmware, Controlwave Pac and 1 more | 2023-12-10 | N/A | 7.8 HIGH |
The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. | |||||
CVE-2022-0031 | 2 Linux, Paloaltonetworks | 2 Linux Kernel, Cortex Xsoar | 2023-12-10 | N/A | 6.7 MEDIUM |
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges. | |||||
CVE-2022-28370 | 1 Verizon | 2 Lvskihp Outdoorunit, Lvskihp Outdoorunit Firmware | 2023-12-10 | N/A | 7.5 HIGH |
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade provides a means of provisioning a firmware update for the device. /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed firmware. | |||||
CVE-2022-2255 | 2 Debian, Modwsgi | 2 Debian Linux, Mod Wsgi | 2023-12-10 | N/A | 7.5 HIGH |
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing. | |||||
CVE-2020-1755 | 1 Moodle | 1 Moodle | 2023-12-10 | N/A | 5.3 MEDIUM |
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks. | |||||
CVE-2022-37008 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-12-10 | N/A | 7.5 HIGH |
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability. | |||||
CVE-2015-5236 | 1 Icedtea-web Project | 1 Icedtea-web | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
It was discovered that the IcedTea-Web used codebase attribute of the <applet> tag on the HTML page that hosts Java applet in the Same Origin Policy (SOP) checks. As the specified codebase does not have to match the applet's actual origin, this allowed malicious site to bypass SOP via spoofed codebase value. | |||||
CVE-2022-36360 | 1 Siemens | 4 Logo\!8 Bm, Logo\!8 Bm Fs-05, Logo\!8 Bm Fs-05 Firmware and 1 more | 2023-12-10 | N/A | 7.5 HIGH |
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker to manipulate a firmware update and flash it to the device. | |||||
CVE-2021-26368 | 1 Amd | 140 Ryzen 3 2200u, Ryzen 3 2200u Firmware, Ryzen 3 2300u and 137 more | 2023-12-10 | 4.9 MEDIUM | 4.4 MEDIUM |
Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. | |||||
CVE-2021-4031 | 1 Syltek | 1 Syltek | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Syltek application before its 10.22.00 version, does not correctly check that a product ID has a valid payment associated to it. This could allow an attacker to forge a request and bypass the payment system by marking items as payed without any verification. | |||||
CVE-2020-14116 | 1 Mi | 1 Mi Browser | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An intent redirection vulnerability in the Mi Browser product. This vulnerability is caused by the Mi Browser does not verify the validity of the incoming data. Attackers can perform sensitive operations by exploiting this. | |||||
CVE-2021-29655 | 1 Pexip | 1 Infinity Connect | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute. | |||||
CVE-2022-31813 | 3 Apache, Fedoraproject, Netapp | 3 Http Server, Fedora, Clustered Data Ontap | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. | |||||
CVE-2021-26625 | 2 Microsoft, Tobesoft | 2 Windows, Nexacro | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation logic to download and execute arbitrary malicious file. | |||||
CVE-2021-24825 | 1 Custom Content Shortcode Project | 1 Custom Content Shortcode | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display arbitrary files from the filesystem (such as logs, .htaccess etc), as well as perform Local File Inclusion attacks as PHP files will be executed. Please note that such attack is still possible by admin+ in single site blogs by default (but won't be when either the unfiltered_html or file_edit is disallowed) | |||||
CVE-2021-39689 | 1 Google | 1 Android | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
In multiple functions of odsign_main.cpp, there is a possible way to persist system attack due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-206090748 | |||||
CVE-2022-29220 | 1 Fastify | 1 Github Action Merge Dependabot | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Prior to version 3.2.0, github-action-merge-dependabot does not check if a commit created by dependabot is verified with the proper GPG key. There is just a check if the actor is set to `dependabot[bot]` to determine if the PR is a legit PR. Theoretically, an owner of a seemingly valid and legit action in the pipeline can check if the PR is created by dependabot and if their own action has enough permissions to modify the PR in the pipeline. If so, they can modify the PR by adding a second seemingly valid and legit commit to the PR, as they can set arbitrarily the username and email in for commits in git. Because the bot only checks if the actor is valid, it would pass the malicious changes through and merge the PR automatically, without getting noticed by project maintainers. It would probably not be possible to determine where the malicious commit came from, as it would only say `dependabot[bot]` and the corresponding email-address. Version 3.2.0 contains a patch for this issue. | |||||
CVE-2020-14115 | 1 Mi | 2 Ax3600, Ax3600 Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. | |||||
CVE-2022-22567 | 1 Dell | 428 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 425 more | 2023-12-10 | 3.6 LOW | 5.1 MEDIUM |
Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware. |