| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. |
| WAVLINK WN551K1'live_mfg.shtml enables attackers to obtain sensitive router information. |
| WAVLINK WN551K1'live_check.shtml enables attackers to obtain sensitive router information. |
| Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write access to the repository and can exploit it, either intentionally or unintentionally, by committing an invalid Secret to repository and triggering a Sync. Once exploited, any user with read access to Argo CD can view the exposed secret data. The vulnerability is fixed in v2.13.4, v2.12.10, and v2.11.13. |
| Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services. |
| Microsoft Exchange Server Information Disclosure Vulnerability |
| In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213323615 |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
| Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. |
| An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device. |
| Philips SureSigns VS4, A.07.107 and prior receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly. |
| An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system. |
| The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments included in chat messages. The vulnerability was partially patched in version 3.3.3. |
