| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access. |
| A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument redirect leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 10.0.18 is able to address this issue. It is recommended to upgrade the affected component. |
| The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.2. This is due to the plugin not properly checking for an empty token value prior updating their details like password. This makes it possible for unauthenticated attackers to change arbitrary user's password, including administrators, and leverage that to gain access to their account. |
| Microsoft Office Security Feature Bypass Vulnerability |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability |
| Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this. |
| Microsoft SharePoint Server Spoofing Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2. A crafted URL could be used to redirect users to arbitrary sites |
| An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects. |
| WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size. |
