CWE:
 

Nic nie znaleziono w bazie WLB2


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-06-07
Low
CVE-2022-30740

Vendor: Samsung
Software: Internet
 

 
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.

 
2022-06-02
Low
CVE-2021-43512

Vendor: Flightradar24
Software: Flightradar2...
 

 
An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys.

 
2022-05-12
Low
CVE-2022-1044

Vendor: Trudesk project
Software: Trudesk
 

 
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.

 
2022-05-03
Medium
CVE-2021-46440

Vendor: Strapi
Software: Strapi
 

 
Storing passwords in a recoverable format in the DOCUMENTATION plugin component of Strapi before 3.6.9 and 4.x before 4.1.5 allows an attacker to access a victim's HTTP request, get the victim's cookie, perform a base64 decode on the victim's cookie, and obtain a cleartext password, leading to getting API documentation for further API attacks.

 
2022-03-09
Low
CVE-2022-0881

Vendor: Framasoft
Software: Peertube
 

 
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.

 
2022-02-23
Low
CVE-2022-0724

Vendor: Microweber
Software: Microweber
 

 
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3.

 
2022-01-10
Low
CVE-2022-21823

Vendor: Ivanti
Software: Workspace co...
 

 
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector.

 
2021-12-08
Low
CVE-2021-25524

Vendor: Samsung
Software: Contacts
 

 
Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID.

 
Low
CVE-2021-25523

Vendor: Samsung
Software: Dialer
 

 
Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID.

 
Low
CVE-2021-25522

Vendor: Samsung
Software: Smart capture
 

 
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top