CVE-2022-23745

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability.

breakitdance.com Cross Site Scripting vulnerability OBB-2765266

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

Certificate verification is skipped for connections to OIDC providers

Impact: All versions of Argo CD starting with v0.4.0 are vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OIDC provid ...

No security checking for UnsafeAccess.getInstance() in UnsafeAccessor

Overview: Affected versions have no limit on using unsafe-accessor. Can be ignored if `SecurityCheck.AccessLimiter` is not set up. Details: If UA was loaded as a named module, the internal data of UA ...

Cross-site Scripting for Argo CD SSO users

Impact: All versions of Argo CD starting with 2.3.0 are vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the `/auth/callback` page in a ...

CVE-2022-22047

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049.

CVE-2022-30212

Windows Connected Devices Platform Service Information Disclosure Vulnerability.
