CVE-2023-22950

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-669
View all →

Vulnerability Description

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.

Related Vulnerabilities

CVE-2022-46173

MEDIUM
CVSS:6.5(Medium)

Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed trans...

CWE-6692022

CVE-2020-10778

MEDIUM
CVSS:6.0(Medium)

In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business...

CWE-6692020

CVE-2019-10753

MEDIUM
CVSS:5.9(Medium)

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependen...

CWE-6692019

CVE-2012-2979

HIGH
CVSS:7.5(High)

FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.

CWE-6692012

CVE-2018-17791

HIGH
CVSS:7.5(High)

Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored...

CWE-6692018

CVE-2021-20411

HIGH
CVSS:7.5(High)

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly updating the session identifier. IBM X-Force ID: 198191.

CWE-6692021