5 matches found
CVE-2022-2034
creationtimestamp| type| source ---|---|--- 2022-08-29 22:34:24+00:00| seen| https://t.me/cibsecurity/49001...
CVE-2022-2034
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers...
CVE-2022-2034 Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers...
CVE-2022-2034
The CVE-2022-2034 issue affects the WordPress Sensei LMS plugin prior to 4.5.0. The root cause is improper permissions on a REST endpoint, allowing unauthenticated users to access private messages sent to teachers. The vulnerability results in an information disclosure risk, with no authenticatio...
CVE-2022-20234
CVE-2022-20234 affects Android 12L in the Car/AAOS context where the NotificationAccessConfirmationActivity is exported. An unprivileged app can supply a malicious component name while presenting a benign package title (e.g., Settings) to persuade users to grant notification access to the malicio...