Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-38777PUBLISHED: 2023-02-08An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
CVE-2022-38778PUBLISHED: 2023-02-08A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
CVE-2022-45982PUBLISHED: 2023-02-08thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
CVE-2022-47648PUBLISHED: 2023-02-08Bosch Security Systems B420 firmware 02.02.0001 employs IP based authorization in its authentication mechanism, allowing attackers to access the device as long as they are on the same network as a legitimate user.
CVE-2023-25163PUBLISHED: 2023-02-08
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v2.6.0-rc1 have an output sanitization bug which leaks repository access credentials in error messages. These error messages are visible to the user, and they are logged. The error message...