CWE:
 

Topic
Date
Author
Med.
Transposh WordPress Translation 1.0.7 Incorrect Authorization
01.08.2022
Julien Ahrens
Med.
Easy Appointments 1.4.2 Information Disclosure
23.04.2022
Anonymous
Low
Easy!Appointments Information Disclosure
15.04.2022
Alexandre Zanni
Med.
Revive Adserver 5.0.4 Security Bypass / Open Redirect
14.03.2020
Matteo Beccati


CVEMAP Search Results

CVE
Details
Description
2022-08-01
Waiting for details
CVE-2022-31155

Updating...
 

 

 
Waiting for details
CVE-2022-31154

Updating...
 

 
Sourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being able to edit both the trigger and the action of the monitor in question. An attacker is not able to read contents of existing code monitors, only override the data. The issue is fixed in Sourcegraph 3.42. There are no workaround for the issue and patching is highly recommended.

 
2022-07-18
Waiting for details
CVE-2022-2108

Updating...
 

 

 
2022-07-12
Low
CVE-2022-33705

Vendor: Samsung
Software: Calendar
 

 
Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission.

 
Low
CVE-2022-33702

Vendor: Google
Software: Android
 

 
Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset.

 
Low
CVE-2022-30757

Vendor: Google
Software: Android
 

 
Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission.

 
Low
CVE-2021-40016

Vendor: Huawei
Software: Magic ui
 

 
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.

 
Medium
CVE-2022-29619

Vendor: SAP
Software: Businessobje...
 

 
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted.

 
High
CVE-2022-1025

Vendor: Linuxfoundation
Software: Argo-cd
 

 
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.

 
Medium
CVE-2022-33632

Vendor: Microsoft
Software: Office
 

 
Microsoft Office Security Feature Bypass Vulnerability.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top