CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-46155 522 2022-11-29 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Airtable.js is the JavaScript client for Airtable. Prior to version 0.11.6, Airtable.js had a misconfigured build script in its source package. When the build script is run, it would bundle environment variables into the build target of a transpiled bundle. Specifically, the AIRTABLE_API_KEY and AIRTABLE_ENDPOINT_URL environment variables are inserted during Browserify builds due to being referenced in Airtable.js code. This only affects copies of Airtable.js built from its source, not those installed via npm or yarn. Airtable API keys set in users’ environments via the AIRTABLE_API_KEY environment variable may be bundled into local copies of Airtable.js source code if all of the following conditions are met: 1) the user has cloned the Airtable.js source onto their machine, 2) the user runs the `npm prepare` script, and 3) the user' has the AIRTABLE_API_KEY environment variable set. If these conditions are met, a user’s local build of Airtable.js would be modified to include the value of the AIRTABLE_API_KEY environment variable, which could then be accidentally shipped in the bundled code. Users who do not meet all three of these conditions are not impacted by this issue. Users should upgrade to Airtable.js version 0.11.6 or higher; or, as a workaround unset the AIRTABLE_API_KEY environment variable in their shell and/or remove it from your .bashrc, .zshrc, or other shell configuration files. Users should also regenerate any Airtable API keys they use, as the keysy may be present in bundled code.
2 CVE-2022-46152 Exec Code 2022-11-29 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function `cleanup_shm_refs()` is called by both `entry_invoke_command()` and `entry_open_session()`. The commands `OPTEE_MSG_CMD_OPEN_SESSION` and `OPTEE_MSG_CMD_INVOKE_COMMAND` can be executed from the normal world via an OP-TEE SMC. This function is not validating the `num_params` argument, which is only limited to `OPTEE_MSG_MAX_NUM_PARAMS` (127) in the function `get_cmd_buffer()`. Therefore, an attacker in the normal world can craft an SMC call that will cause out-of-bounds reading in `cleanup_shm_refs` and potentially freeing of fake-objects in the function `mobj_put()`. A normal-world attacker with permission to execute SMC instructions may exploit this flaw. Maintainers believe this problem permits local privilege escalation from the normal world to the secure world. Version 3.19.0 contains a fix for this issue. There are no known workarounds.
3 CVE-2022-46150 200 +Info 2022-11-29 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Discourse is an open-source discussion platform. Prior to version 2.8.13 of the `stable` branch and version 2.9.0.beta14 of the `beta` and `tests-passed` branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue is patched in version 2.8.13 of the `stable` branch and version 2.9.0.beta14 of the `beta` and `tests-passed` branches. As a workaround, use the `disable_email` site setting to disable all emails to non-staff users.
4 CVE-2022-46148 79 XSS 2022-11-29 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Discourse is an open-source messaging platform. In versions 2.8.10 and prior on the `stable` branch and versions 2.9.0.beta11 and prior on the `beta` and `tests-passed` branches, users composing malicious messages and navigating to drafts page could self-XSS. This vulnerability can lead to a full XSS on sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in the latest stable, beta and tests-passed versions of Discourse.
5 CVE-2022-46147 79 XSS 2022-11-28 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted. Version 3.0.0 contains a patch for this issue. There are no known workarounds.
6 CVE-2022-46146 287 Bypass 2022-11-29 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, i someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.
7 CVE-2022-45939 Exec Code 2022-11-28 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.
8 CVE-2022-45934 2022-11-27 2022-11-27
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
9 CVE-2022-45933 2022-11-27 2022-11-27
0.0
None ??? ??? ??? ??? ??? ???
KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side project and a learning exercise," and not "very secure."
10 CVE-2022-45932 Sql 2022-11-27 2022-11-27
0.0
None ??? ??? ??? ??? ??? ???
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used.
11 CVE-2022-45931 Sql 2022-11-27 2022-11-27
0.0
None ??? ??? ??? ??? ??? ???
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used.
12 CVE-2022-45930 Sql 2022-11-27 2022-11-27
0.0
None ??? ??? ??? ??? ??? ???
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface.
13 CVE-2022-45921 2022-11-28 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an attacker may be able to view or retrieve any file readable by the user running the FusionAuth process.
14 CVE-2022-45919 416 2022-11-27 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.
15 CVE-2022-45914 2022-11-27 2022-11-27
0.0
None ??? ??? ??? ??? ??? ???
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF transceiver on the ETAG-2130-V4.3 20190629 board, does not use authentication, which allows attackers to change label values via 433 MHz RF signals, as demonstrated by disrupting the organization of a hospital storage unit, or changing retail pricing.
16 CVE-2022-45909 2022-11-26 2022-11-27
0.0
None ??? ??? ??? ??? ??? ???
drachtio-server 0.8.18 has a heap-based buffer over-read via a long Request-URI in an INVITE request.
17 CVE-2022-45908 Exec Code 2022-11-26 2022-11-26
0.0
None ??? ??? ??? ??? ??? ???
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution.
18 CVE-2022-45907 77 Exec Code 2022-11-26 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
19 CVE-2022-45888 362 2022-11-25 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.
20 CVE-2022-45887 362 2022-11-25 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
21 CVE-2022-45886 362 2022-11-25 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.
22 CVE-2022-45885 362 2022-11-25 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.
23 CVE-2022-45884 362 2022-11-25 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.
24 CVE-2022-45873 2022-11-23 2022-11-25
0.0
None ??? ??? ??? ??? ??? ???
systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.
25 CVE-2022-45872 2022-11-23 2022-11-24
0.0
None ??? ??? ??? ??? ??? ???
iTerm2 before 3.4.18 mishandles a DECRQSS response.
26 CVE-2022-45868 2022-11-23 2022-11-24
0.0
None ??? ??? ??? ??? ??? ???
The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that."
27 CVE-2022-45866 22 Dir. Trav. 2022-11-23 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file.
28 CVE-2022-45536 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php. This vulnerability allows attackers to access database information.
29 CVE-2022-45535 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows attackers to access database information.
30 CVE-2022-45529 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php. This vulnerability allows attackers to access database information.
31 CVE-2022-45476 Exec Code CSRF 2022-11-25 2022-11-25
0.0
None ??? ??? ??? ??? ??? ???
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files server-side (instead of just returning them for download), and allows unauthenticated users to access uploaded files.
32 CVE-2022-45475 Exec Code CSRF 2022-11-25 2022-11-25
0.0
None ??? ??? ??? ??? ??? ???
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files server-side (instead of just returning them for download), and allows unauthenticated users to access uploaded files.
33 CVE-2022-45474 416 2022-11-18 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request.
34 CVE-2022-45473 2022-11-18 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has mode 0666.
35 CVE-2022-45472 79 XSS 2022-11-23 2022-11-26
0.0
None ??? ??? ??? ??? ??? ???
CAE LearningSpace Enterprise (with Intuity License) image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup.
36 CVE-2022-45471 770 2022-11-18 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address
37 CVE-2022-45470 20 XSS 2022-11-21 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
** UNSUPPORTED WHEN ASSIGNED ** missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.
38 CVE-2022-45462 77 2022-11-23 2022-11-26
0.0
None ??? ??? ??? ??? ??? ???
Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher
39 CVE-2022-45461 78 Exec Code 2022-11-17 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root.
40 CVE-2022-45442 494 2022-11-28 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. Version 2.2.3 and 3.0.4 contain patches for this issue.
41 CVE-2022-45422 427 2022-11-21 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
When LG SmartShare is installed, local privilege escalation is possible through DLL Hijacking attack. The LG ID is LVE-HOT-220005.
42 CVE-2022-45402 601 2022-11-15 2022-11-17
0.0
None ??? ??? ??? ??? ??? ???
In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint.
43 CVE-2022-45401 79 XSS 2022-11-15 2022-11-18
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Associated Files Plugin 0.2.1 and earlier does not escape names of associated files, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
44 CVE-2022-45400 611 2022-11-15 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
45 CVE-2022-45399 862 2022-11-15 2022-11-18
0.0
None ??? ??? ??? ??? ??? ???
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
46 CVE-2022-45398 352 CSRF 2022-11-15 2022-11-18
0.0
None ??? ??? ??? ??? ??? ???
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
47 CVE-2022-45397 611 2022-11-15 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
48 CVE-2022-45396 611 2022-11-15 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
49 CVE-2022-45395 611 2022-11-15 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
50 CVE-2022-45394 862 2022-11-15 2022-11-18
0.0
None ??? ??? ??? ??? ??? ???
A missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.