Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-38777PUBLISHED: 2023-02-08An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
CVE-2022-38778PUBLISHED: 2023-02-08A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
CVE-2022-45982PUBLISHED: 2023-02-08thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
CVE-2022-47648PUBLISHED: 2023-02-08Bosch Security Systems B420 firmware 02.02.0001 employs IP based authorization in its authentication mechanism, allowing attackers to access the device as long as they are on the same network as a legitimate user.
CVE-2023-25163PUBLISHED: 2023-02-08
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v2.6.0-rc1 have an output sanitization bug which leaks repository access credentials in error messages. These error messages are visible to the user, and they are logged. The error message...
User Rank: Moderator
11/5/2013 | 9:18:28 PM
Peter Fretty