Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Med.
Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure
23.03.2021
Matthias Deeg
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2022-05-10
Low
CVE-2022-22011
Vendor:
Microsoft
Software:
Windows 10
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26934, CVE-2022-29112.
Low
CVE-2022-22015
Vendor:
Microsoft
Software:
Windows 10
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability.
2022-04-28
Low
CVE-2022-29820
Vendor:
Jetbrains
Software:
Pycharm
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible
2022-04-27
Low
CVE-2021-38874
Updating...
IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.
2022-04-22
Low
CVE-2021-38904
Vendor:
IBM
Software:
Cognos analytics
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings. IBM X-Force ID: 209693.
Low
CVE-2021-38905
Vendor:
IBM
Software:
Cognos analytics
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report pages that they should not have access to. IBM X-Force ID: 209697.
2022-04-19
Medium
CVE-2022-1385
Vendor:
Mattermost
Software:
Mattermost s...
Mattermost 6.4.x and earlier fails to properly invalidate pending email invitations when the action is performed from the system console, which allows accidentally invited users to join the workspace and access information from the public teams and channels.
Medium
CVE-2021-43129
Vendor:
D2L
Software:
Brightspace
2022-04-15
Medium
CVE-2022-27257
Vendor:
Hubzilla
Software:
Hubzilla
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.
2022-04-14
Low
CVE-2022-25165
Vendor:
Amazon
Software:
Aws client vpn
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service (running as SYSTEM) processing the file. Dangerous arguments can be injected by a low-level user such as log, which allows an arbitrary destination to be specified for writing log files. This leads to an arbitrary file write as SYSTEM with partial control over the files content. This can be abused to cause an elevation of privilege or denial of service.
Copyright
2022
, cxsecurity.com
Back to Top
Polish
English