Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-01 | CVE-2023-0454 | Path Traversal vulnerability in Orangescrum 2.0.11 OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files from the server. | 8.1 |
2023-02-01 | CVE-2023-0524 | Unspecified vulnerability in Tenable Nessus, Tenable.Io and Tenable.Sc As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. | 8.8 |
2023-02-01 | CVE-2023-24956 | SQL Injection vulnerability in Forget Heart Message BOX Project Forget Heart Message BOX 1.1 Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /cha.php. | 8.8 |
2023-01-31 | CVE-2023-22610 | Unspecified vulnerability in Schneider-Electric products A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. | 7.5 |
2023-01-31 | CVE-2023-22611 | Unspecified vulnerability in Schneider-Electric products A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database server TCP port. | 7.5 |
2023-01-31 | CVE-2022-44645 | Deserialization of Untrusted Data vulnerability in Apache Linkis In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. | 8.8 |
2023-01-31 | CVE-2022-39059 | ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. | 7.5 |
2023-01-31 | CVE-2022-25881 | This affects versions of the package http-cache-semantics before 4.1.1. network low complexity | 7.5 |
2023-01-31 | CVE-2022-4041 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0/04.9.0 Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. | 8.8 |
2023-01-31 | CVE-2022-4441 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0/04.9.0 Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. | 8.8 |