Total
1466 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27642 | 1 Netgear | 66 Cax80, Cax80 Firmware, Lax20 and 63 more | 2023-04-05 | N/A | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. | |||||
| CVE-2023-22251 | 1 Adobe | 2 Commerce, Magento Open Source | 2023-04-04 | N/A | 4.3 MEDIUM |
| Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Incorrect Authorization vulnerability. A low-privileged authenticated attacker could leverage this vulnerability to achieve minor information disclosure. | |||||
| CVE-2021-37409 | 1 Intel | 26 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 23 more | 2023-04-01 | N/A | 7.8 HIGH |
| Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-25017 | 1 Rifartek | 1 Iot Wall | 2023-03-30 | N/A | 8.1 HIGH |
| RIFARTEK IOT Wall has a vulnerability of incorrect authorization. An authenticated remote attacker with general user privilege is allowed to perform specific privileged function to access and modify all sensitive data. | |||||
| CVE-2023-21035 | 1 Google | 1 Android | 2023-03-30 | N/A | 7.8 HIGH |
| In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184847040 | |||||
| CVE-2023-21034 | 1 Google | 1 Android | 2023-03-29 | N/A | 7.8 HIGH |
| In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230358834 | |||||
| CVE-2023-28611 | 1 Omicronenergy | 2 Stationguard, Stationscout | 2023-03-28 | N/A | 9.8 CRITICAL |
| Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and StationScout 1.30 through 2.20 allows an attacker to bypass intended access restrictions. | |||||
| CVE-2023-26484 | 1 Kubevirt | 1 Kubevirt | 2023-03-27 | N/A | 8.2 HIGH |
| KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can, for instance, read all secrets on the cluster, or can exec into pods on other nodes. This way, a compromised node can be used to elevate privileges beyond the node until potentially having full privileged access to the whole cluster. The simplest way to exploit this, once a user could compromise a specific node, is to set with the virt-handler service account all other nodes to unschedulable and simply wait until system-critical components with high privileges appear on its node. No patches are available as of time of publication. As a workaround, gatekeeper users can add a webhook which will block the `virt-handler` service account to modify the spec of a node. | |||||
| CVE-2023-23192 | 1 Isdecisions | 1 Userlock | 2023-03-27 | N/A | 7.2 HIGH |
| IS Decisions UserLock MFA 11.01 is vulnerable to authentication bypass using scheduled task. | |||||
| CVE-2023-27578 | 1 Galaxyproject | 1 Galaxy | 2023-03-23 | N/A | 7.5 HIGH |
| Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the functionality of Visualizations/Pages exists. Due to this issue, an attacker can modify or delete any Galaxy Visualization or Galaxy Page given they know the encoded ID of it. Additionally, they can copy or import any Galaxy Visualization given they know the encoded ID of it. Patches are available for versions 22.01, 22.05, and 23.0. For the changes to take effect, you must restart all Galaxy server processes. There are no supported workarounds. | |||||
| CVE-2022-4315 | 1 Gitlab | 1 Dynamic Application Security Testing Analyzer | 2023-03-22 | N/A | 6.5 MEDIUM |
| An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page. | |||||
| CVE-2022-39214 | 1 Combodo | 1 Itop | 2023-03-18 | N/A | 7.5 HIGH |
| Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, a user who can log in on iTop is able to take over any account just by knowing the account's username. This issue is fixed in versions 2.7.8 and 3.0.2-1. | |||||
| CVE-2023-22891 | 1 Smartbear | 1 Zephyr Enterprise | 2023-03-16 | N/A | 8.1 HIGH |
| There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts. | |||||
| CVE-2023-23918 | 1 Nodejs | 1 Node.js | 2023-03-16 | N/A | 7.5 HIGH |
| A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy. | |||||
| CVE-2023-27899 | 1 Jenkins | 1 Jenkins | 2023-03-16 | N/A | 7.0 HIGH |
| Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution. | |||||
| CVE-2023-27903 | 1 Jenkins | 1 Jenkins | 2023-03-15 | N/A | 4.4 MEDIUM |
| Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used. | |||||
| CVE-2023-27486 | 1 Xcat Project | 1 Xcat | 2023-03-15 | N/A | 8.8 HIGH |
| xCAT is a toolkit for deployment and administration of computer clusters. In versions prior to 2.16.5 if zones are configured as a mechanism to secure clusters in XCAT, it is possible for a local root user from one node to obtain credentials to SSH to any node in any zone, except the management node of the default zone. XCAT zones are not enabled by default. Only users that use the optional zone feature are impacted. All versions of xCAT prior to xCAT 2.16.5 are vulnerable. This problem has been fixed in xCAT 2.16.5. Users making use of zones should upgrade to 2.16.5. Users unable to upgrade may mitigate the issue by disabling zones or patching the management node with the fix contained in commit `85149c37f49`. | |||||
| CVE-2023-27485 | 1 Thm | 1 Feedbacksystem | 2023-03-14 | N/A | 4.3 MEDIUM |
| thmmniii/fbs-core is an open source feedback system for students. In versions prior to 1.5.3 when querying `subresults`, it is possible to query `subresults` from other users due to insufficient authorisation. This is only possible for logged-in users and it is not possible to associate the subresults with a specific user. This bug was fixed in commit `f1ae67d8bb2`and released with version 1.5.3. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-26056 | 1 Xwiki | 1 Xwiki | 2023-03-13 | N/A | 5.4 MEDIUM |
| XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known workarounds for this issue. | |||||
| CVE-2023-25575 | 1 Api-platform | 1 Core | 2023-03-13 | N/A | 6.5 MEDIUM |
| API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the `security` option of the `ApiPlatform\Metadata\ApiProperty` attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON, which is enabled by default when installing API Platform. Custom serialization formats may also be impacted. Only collection endpoints are affected by the issue, item endpoints are not. The JSON-LD format is not affected by the issue. The result of the security rule is only executed for the first item of the collection. The result of the rule is then cached and reused for the next items. This bug can leak data to unauthorized users when the rule depends on the value of a property of the item. This bug can also hide properties that should be displayed to authorized users. This issue impacts the 2.7, 3.0 and 3.1 branches. Please upgrade to versions 2.7.10, 3.0.12 or 3.1.3. As a workaround, replace the `cache_key` of the context array of the Serializer inside a custom normalizer that works on objects if the security option of the `ApiPlatform\Metadata\ApiProperty` attribute is used. | |||||