Total
9127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27863 | 1 Vikwp | 1 Vikbooking Hotel Booking Engine \& Property Management System Plugin | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable booking IDs via search POST requests. | |||||
| CVE-2022-27849 | 1 Plugin-planet | 1 Simple Ajax Chat | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115 | |||||
| CVE-2022-27844 | 1 Wpvivid | 1 Migration\, Backup\, Staging | 2024-11-21 | 5.0 MEDIUM | 2.7 LOW |
| Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70 | |||||
| CVE-2022-27775 | 5 Brocade, Debian, Haxx and 2 more | 17 Fabric Operating System, Debian Linux, Curl and 14 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. | |||||
| CVE-2022-27667 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure. | |||||
| CVE-2022-27633 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-11-21 | N/A | 7.5 HIGH |
| An information disclosure vulnerability exists in the confctl_get_guest_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability. | |||||
| CVE-2022-27630 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-11-21 | N/A | 7.5 HIGH |
| An information disclosure vulnerability exists in the confctl_get_master_wlan functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability. | |||||
| CVE-2022-27576 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission | |||||
| CVE-2022-27575 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission. | |||||
| CVE-2022-27490 | 1 Fortinet | 4 Fortianalyzer, Fortimanager, Fortiportal and 1 more | 2024-11-21 | N/A | 5.4 MEDIUM |
| A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4, FortiAnalyzer version 6.0.0 through 6.0.4, FortiPortal version 6.0.0 through 6.0.9, 5.3.0 through 5.3.8, 5.2.x, 5.1.0, 5.0.x, 4.2.x, 4.1.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.x, 6.0.x allows an attacker which has obtained access to a restricted administrative account to obtain sensitive information via `diagnose debug` commands. | |||||
| CVE-2022-27241 | 1 Mendix | 1 Mendix | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). Applications built with an affected system publicly expose the internal project structure. This could allow an unauthenticated remote attacker to read confidential information. | |||||
| CVE-2022-26869 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution. | |||||
| CVE-2022-26847 | 2 Debian, Spip | 2 Debian Linux, Spip | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects. | |||||
| CVE-2022-26070 | 1 Splunk | 1 Splunk | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0. | |||||
| CVE-2022-25990 | 1 F5 | 1 F5os-a | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| On 1.0.x versions prior to 1.0.1, systems running F5OS-A software may expose certain registry ports externally. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2022-25830 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2024-11-21 | 2.1 LOW | 1.9 LOW |
| Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25829 | 1 Samsung | 1 Watch Active2 Plugin | 2024-11-21 | 2.1 LOW | 1.9 LOW |
| Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25828 | 1 Samsung | 1 Watch Active Plugin | 2024-11-21 | 2.1 LOW | 1.9 LOW |
| Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25827 | 1 Samsung | 1 Galaxy Watch Plugin | 2024-11-21 | 2.1 LOW | 1.9 LOW |
| Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25826 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2024-11-21 | 2.1 LOW | 1.9 LOW |
| Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||