CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

NVD•added 2023/02/01 2:15 p.m.•7 views

CVE-2022-47715

In Last Yard 22.09.8-1, the cookie can be stolen via via unencrypted traffic...

5.3CVSS5.4AI score0.00103EPSS

Exploits1References1

OSV•added 2023/02/01 2:15 p.m.•4 views

CVE-2022-47717

Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing CORS...

7.5CVSS5.8AI score0.00275EPSS

Exploits1References1

NVD•added 2023/02/01 2:15 p.m.•30 views

CVE-2022-47717

Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing CORS...

7.5CVSS7.5AI score0.00275EPSS

Exploits1References1

OSV•added 2023/02/01 2:15 p.m.•4 views

CVE-2022-47714

Last Yard 22.09.8-1 does not enforce HSTS headers...

9.8CVSS5.8AI score0.00192EPSS

Exploits1References1

CNNVD•added 2023/02/01 12:0 a.m.•2 views

Last Yard 安全漏洞

Last Yard is a shelf-edge promotional platform from Last Yard Australia. A security vulnerability exists in Last Yard version 22.09.8-1, which stems from the fact that it allows an attacker to enable cross-resource sharing...

7.5CVSS7.3AI score0.00275EPSS

Exploits1References2

Positive Technologies•added 2023/02/01 12:0 a.m.•2 views

PT-2023-15466 · Last Yard · Last Yard

Name of the Vulnerable Software and Affected Versions: Last Yard version 22.09.8-1 Description: The issue is related to the lack of enforcement of HSTS headers. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue...

9.8CVSS9.2AI score0.00192EPSS

Exploits1References5

Positive Technologies•added 2023/02/01 12:0 a.m.•2 views

PT-2023-15467 · Last Yard · Last Yard

Name of the Vulnerable Software and Affected Versions: Last Yard version 22.09.8-1 Description: The issue allows the cookie to be stolen via unencrypted traffic. Recommendations: For version 22.09.8-1, consider using encrypted traffic to protect against cookie theft until a patch is available...

5.3CVSS5.2AI score0.00103EPSS

Exploits1References5

CNNVD•added 2023/02/01 12:0 a.m.•2 views

Last Yard 安全漏洞

Last Yard is a shelf-edge promotional platform from Last Yard Australia. A security vulnerability exists in Last Yard version 22.09.8-1 that stems from its non-mandatory HSTS headers...

9.8CVSS8.3AI score0.00192EPSS

Exploits1References2

CVE•added 2023/02/01 12:0 a.m.•46 views

CVE-2022-47717

The CVE-2022-47717 entry applies to Last Yard software version 22.09.8-1, which is reported to be vulnerable to a Cross-origin resource sharing (CORS) issue. The vulnerability is described as a CORS misconfiguration that could enable cross-origin access, with a CVSSv3.1 base score of 7.5 (High) a...

7.5CVSS7.5AI score0.00275EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/02/01 12:0 a.m.•16 views

CVE-2022-47717

Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing CORS...

7.7AI score0.00275EPSS

Exploits1References1

Positive Technologies•added 2023/02/01 12:0 a.m.•4 views

PT-2023-15468 · Last Yard · Last Yard

Name of the Vulnerable Software and Affected Versions: Last Yard version 22.09.8-1 Description: The issue concerns Cross-origin resource sharing CORS, which is a security feature that restricts web pages from making requests to a different origin domain, protocol, or port than the one the web pag...

7.5CVSS7.5AI score0.00275EPSS

Exploits1References5

CNNVD•added 2023/02/01 12:0 a.m.•3 views

Last Yard 安全漏洞

Last Yard is a shelf-edge promotional platform from Last Yard Australia. A security vulnerability exists in Last Yard version 22.09.8-1, which stems from the unencrypted transmission of its cookies making them accessible to attackers...

5.3CVSS5.7AI score0.00103EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by