Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-09 | CVE-2022-3343 | Unspecified vulnerability in 2Code Wpqa Builder 5.2/5.7/5.9 The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them. | 3.5 |
| 2023-01-09 | CVE-2022-4102 | Missing Authorization vulnerability in Royal-Elementor-Addons Royal Elementor Addons The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF checks when deleting a template and does not ensure that the post to be deleted is a template. | 3.1 |
| 2023-01-09 | CVE-2023-22473 | Unspecified vulnerability in Nextcloud Talk Talk-Android enables users to have video & audio calls through Nextcloud on Android. low complexity nextcloud | 2.1 |
| 2023-01-05 | CVE-2022-46168 | Unspecified vulnerability in Discourse Discourse is an option source discussion platform. | 3.5 |
| 2023-01-02 | CVE-2022-4109 | Unspecified vulnerability in Cedcommerce Wholesale Market for Woocommerce 1.0.7/1.0.8 The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to (for example in multisite) | 2.7 |
| 2023-01-01 | CVE-2022-47952 | Information Exposure Through Discrepancy vulnerability in Linuxcontainers LXC lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. | 3.3 |
| 2022-12-30 | CVE-2022-42266 | Information Exposure vulnerability in Nvidia Cloud Gaming and Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can cause exposure of sensitive information to an actor that is not explicitly authorized to have access to that information, which may lead to limited information disclosure. | 3.3 |
| 2022-12-28 | CVE-2022-4773 | Unspecified vulnerability in Cloudsync Project Cloudsync ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in cloudsync. | 3.3 |
| 2022-12-27 | CVE-2022-2583 | Race Condition vulnerability in Gobase Project Gobase A race condition can cause incorrect HTTP request routing. | 3.7 |
| 2022-12-27 | CVE-2022-45428 | Unspecified vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of sensitive information leakage. | 2.7 |