Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2022
F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-12-23
Tauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards `*`, `?`, and `[...]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wildcards are not affected. As `**` allows for sub directories the behavior there is also as expected. The issue has been patched in the latest release and was backported into the currently supported 1.x branches. There are no known workarounds at the time of publication.
CVSS Score
6.8
EPSS Score
0.001
Published
2022-12-23
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
8.3
EPSS Score
0.001
Published
2022-12-23
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
7.1
EPSS Score
0.001
Published
2022-12-23
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
8.6
EPSS Score
0.0
Published
2022-12-23
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
8.1
EPSS Score
0.003
Published
2022-12-23
Improper Authorization in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-12-23
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
7.6
EPSS Score
0.001
Published
2022-12-23
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-12-23
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions "29" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions "08" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions "17" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions "05" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions "07" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.
CVSS Score
7.5
EPSS Score
0.024
Published
2022-12-23


Contact Us

Shodan ® - All rights reserved