Lista CVE - 2022 / Ottobre
Visualizzazione 1101 - 1200 di 1849 CVE per Ottobre 2022 (Pagina 12 di 19)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-3338 | 2022-10-18 | XXE in Trellix ePO server |
| CVE-2022-3339 | 2022-10-18 | Reflected XSS in Trellix ePO server |
| CVE-2022-3583 | 2022-10-18 | SourceCodester Canteen Management System login.php sql injection |
| CVE-2022-3584 | 2022-10-18 | SourceCodester Canteen Management System edituser.php sql injection |
| CVE-2022-3594 | 2022-10-18 | Linux Kernel BPF r8152.c intr_callback logging of excessive data |
| CVE-2022-3595 | 2022-10-18 | Linux Kernel CIFS sess.c sess_free_buffer double free |
| CVE-2022-36438 | 2022-10-18 | AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file... |
| CVE-2022-36439 | 2022-10-18 | AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers... |
| CVE-2022-39198 | 2022-10-18 | Apache Dubbo Hession Deserialization Vulnerability Gadgets Bypass |
| CVE-2022-39399 | 2022-10-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition... |
| CVE-2022-40889 | 2022-10-18 | Phpok 6.1 has a deserialization vulnerability via framework/phpok_call.php. |
| CVE-2022-41479 | 2022-10-18 | The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms... |
| CVE-2022-41500 | 2022-10-18 | EyouCMS V1.5.9 was discovered to contain multiple Cross-Site Request Forgery... |
| CVE-2022-41504 | 2022-10-18 | An arbitrary file upload vulnerability in the component /php_action/editProductImage.php of... |
| CVE-2022-41537 | 2022-10-18 | Online Tours & Travels Management System v1.0 was discovered to... |
| CVE-2022-41540 | 2022-10-18 | The web app client of TP-Link AX10v1 V1_211117 uses hard-coded... |
| CVE-2022-41541 | 2022-10-18 | TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack... |
| CVE-2022-41544 | 2022-10-18 | GetSimple CMS v3.3.16 was discovered to contain a remote code... |
| CVE-2022-41547 | 2022-10-18 | Mobile Security Framework (MobSF) v0.9.2 and below was discovered to... |
| CVE-2022-42112 | 2022-10-18 | A Cross-site scripting (XSS) vulnerability in the Portal Search module's... |
| CVE-2022-42113 | 2022-10-18 | A Cross-site scripting (XSS) vulnerability in Document Library module in... |
| CVE-2022-42114 | 2022-10-18 | A Cross-site scripting (XSS) vulnerability in the Role module's edit... |
| CVE-2022-42115 | 2022-10-18 | Cross-site scripting (XSS) vulnerability in the Object module's edit object... |
| CVE-2022-42116 | 2022-10-18 | A Cross-site scripting (XSS) vulnerability in the Frontend Editor module's... |
| CVE-2022-42117 | 2022-10-18 | A Cross-site scripting (XSS) vulnerability in the Frontend Taglib module... |
| CVE-2022-42188 | 2022-10-18 | In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path... |
| CVE-2022-42202 | 2022-10-18 | TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to... |
| CVE-2022-42218 | 2022-10-18 | Open Source SACCO Management System v1.0 vulnerable to SQL Injection... |
| CVE-2022-43259 | 2022-10-18 | Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow... |
| CVE-2022-43260 | 2022-10-18 | Tenda AC18 V15.03.05.19(6318) was discovered to contain a stack overflow... |
| CVE-2022-22192 | 2022-10-18 | Junos OS Evolved: PTX Series: An attacker can cause a kernel panic by sending a malformed TCP packet to the device |
| CVE-2022-22201 | 2022-10-18 | SRX5000 Series with SPC3, SRX4000 Series, and vSRX: When PowerMode IPsec is configured, the PFE will crash upon receipt of a malformed ESP packet |
| CVE-2022-22208 | 2022-10-18 | Junos OS and Junos OS Evolved: An rpd crash can occur due to memory corruption caused by flapping BGP sessions |
| CVE-2022-22211 | 2022-10-18 | Junos OS Evolved: PTX Series: Multiple FPCs become unreachable due to continuous polling of specific SNMP OID |
| CVE-2022-22218 | 2022-10-18 | Junos OS: SRX Series: Upon processing of a genuine packet the pkid process will crash during CMPv2 auto-re-enrollment |
| CVE-2022-22219 | 2022-10-18 | Junos OS and Junos OS Evolved: RPD core upon receipt of a specific EVPN route by a BGP route reflector in an EVPN environment |
| CVE-2022-22220 | 2022-10-18 | Junos OS and Junos OS Evolved: Due to a race condition the rpd process can crash upon receipt of a BGP update message containing flow spec route |
| CVE-2022-22223 | 2022-10-18 | Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach. |
| CVE-2022-22224 | 2022-10-18 | Junos OS and Junos OS Evolved: PPMD goes into infinite loop upon receipt of malformed OSPF TLV |
| CVE-2022-22225 | 2022-10-18 | Junos OS and Junos OS Evolved: In a BGP multipath scenario, when one of the contributing routes is flapping often and rapidly, rpd may crash |
| CVE-2022-22226 | 2022-10-18 | Junos OS: EX4300-MP, EX4600, QFX5000 Series: In VxLAN scenarios specific packets processed cause a memory leak leading to a PFE crash |
| CVE-2022-22227 | 2022-10-18 | Junos OS Evolved: ACX7000 Series: Specific IPv6 transit traffic gets exceptioned to the routing-engine which causes increased CPU utilization |
| CVE-2022-22228 | 2022-10-18 | Junos OS: IPv6 OAM SRv6 network-enabled devices are vulnerable to Denial of Service (DoS) due to RPD memory leak upon receipt of specific a IPv6 packet |
| CVE-2022-22229 | 2022-10-18 | Paragon Active Assurance (Formerly Netrounds): Stored Cross-site Scripting (XSS) vulnerability in web administration |
| CVE-2022-22230 | 2022-10-18 | Junos OS and Junos OS Evolved: RPD crash upon receipt of specific OSPFv3 LSAs |
| CVE-2022-22231 | 2022-10-18 | SRX Series: If UTM Enhanced Content Filtering and AntiVirus are enabled, and specific traffic is processed the PFE will crash |
| CVE-2022-22232 | 2022-10-18 | SRX Series: If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific traffic is processed the PFE will crash |
| CVE-2022-22233 | 2022-10-18 | Junos OS and Junos OS Evolved: In an SR to LDP interworking scenario, with SRMS, when a specific low privileged command is issued on an ABR rpd will crash |
| CVE-2022-22234 | 2022-10-18 | Junos OS: EX2300 and EX3400 Series: One of more SFPs might become unavailable when the system is very busy |
| CVE-2022-22235 | 2022-10-18 | Junos OS: SRX Series: A flowd core will be observed when malformed GPRS traffic is processed |
| CVE-2022-22236 | 2022-10-18 | Junos OS: SRX Series and MX Series: When specific valid SIP packets are received the PFE will crash |
| CVE-2022-22237 | 2022-10-18 | Junos OS: Peers not configured for TCP-AO can establish a BGP or LDP session even if authentication is configured locally |
| CVE-2022-22238 | 2022-10-18 | Junos OS and Junos OS Evolved: The rpd process will crash when a malformed incoming RESV message is processed |
| CVE-2022-22239 | 2022-10-18 | Junos OS Evolved: The ssh CLI command always runs as root which can lead to privilege escalation |
| CVE-2022-22240 | 2022-10-18 | Junos OS and Junos OS Evolved: An rpd memory leak might be observed while running a specific cli command in a RIB sharding scenario |
| CVE-2022-22241 | 2022-10-18 | Junos OS: Vulnerability in J-Web may allow deserialization without authentication |
| CVE-2022-22242 | 2022-10-18 | Junos OS: Cross-site Scripting (XSS) vulnerability in J-Web |
| CVE-2022-22243 | 2022-10-18 | Junos OS: XPath Injection vulnerability in J-Web |
| CVE-2022-22244 | 2022-10-18 | Junos OS: Unauthenticated XPath Injection vulnerability in J-Web |
| CVE-2022-22245 | 2022-10-18 | Junos OS: Path traversal vulnerability in J-Web |
| CVE-2022-22246 | 2022-10-18 | Junos OS: PHP file inclusion vulnerability in J-Web |
| CVE-2022-22247 | 2022-10-18 | Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS) |
| CVE-2022-22248 | 2022-10-18 | Junos OS Evolved: Incorrect file permissions can allow low-privileged user to cause another user to execute arbitrary commands |
| CVE-2022-22249 | 2022-10-18 | Junos OS: MX Series: An FPC crash might be seen due to mac-moves within the same bridge domain |
| CVE-2022-22250 | 2022-10-18 | Junos OS and Junos OS Evolved: An FPC crash might be seen due to an EVPN MAC entry moving from local to remote |
| CVE-2022-22251 | 2022-10-18 | cSRX Series: Storing Passwords in a Recoverable Format and software permissions issues allows a local attacker to elevate privileges |
| CVE-2022-39055 | 2022-10-18 | Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF) |
| CVE-2022-39056 | 2022-10-18 | Changing Information Technology Inc. RAVA certificate validation system - SQL Injection |
| CVE-2022-39057 | 2022-10-18 | Changing Information Technology Inc. RAVA certificate validation system - Command Injection |
| CVE-2022-39058 | 2022-10-18 | Changing Information Technology Inc. RAVA certificate validation system - Path Traversal |
| CVE-2022-39253 | 2022-10-19 | Git subject to exposure of sensitive information via local clone of symbolic links |
| CVE-2022-39260 | 2022-10-19 | Git vulnerable to Remote Code Execution via Heap overflow in `git shell` |
| CVE-2022-42467 | 2022-10-19 | h2 webconsole (available only in prototype mode) should nevertheless be disabled by default. |
| CVE-2022-43401 | 2022-10-19 | A sandbox bypass vulnerability involving various casts performed implicitly by... |
| CVE-2022-43402 | 2022-10-19 | A sandbox bypass vulnerability involving various casts performed implicitly by... |
| CVE-2022-43403 | 2022-10-19 | A sandbox bypass vulnerability involving casting an array-like value to... |
| CVE-2022-43404 | 2022-10-19 | A sandbox bypass vulnerability involving crafted constructor bodies and calls... |
| CVE-2022-43405 | 2022-10-19 | A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin... |
| CVE-2022-43406 | 2022-10-19 | A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries... |
| CVE-2013-4253 | 2022-10-19 | The deployment script in the unsupported "OpenShift Extras" set of... |
| CVE-2013-4281 | 2022-10-19 | In Red Hat Openshift 1, weak default permissions are applied... |
| CVE-2016-20016 | 2022-10-19 | MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE,... |
| CVE-2016-20017 | 2022-10-19 | D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection... |
| CVE-2020-23648 | 2022-10-19 | Asus RT-N12E 2.0.0.39 is affected by an incorrect access control... |
| CVE-2022-1414 | 2022-10-19 | 3scale API Management 2 does not perform adequate sanitation for... |
| CVE-2022-23241 | 2022-10-19 | Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured... |
| CVE-2022-23734 | 2022-10-19 | Deserialization of Untrusted Data vulnerability in GitHub Enterprise Server leading to Remote Code Execution |
| CVE-2022-25666 | 2022-10-19 | Memory corruption due to use after free in service while... |
| CVE-2022-25687 | 2022-10-19 | memory corruption in video due to buffer overflow while parsing... |
| CVE-2022-25718 | 2022-10-19 | Cryptographic issue in WLAN due to improper check on return... |
| CVE-2022-25719 | 2022-10-19 | Information disclosure in WLAN due to improper length check while... |
| CVE-2022-25720 | 2022-10-19 | Memory corruption in WLAN due to out of bound array... |
| CVE-2022-25736 | 2022-10-19 | Denial of service in WLAN due to out-of-bound read happens... |
| CVE-2022-25748 | 2022-10-19 | Memory corruption in WLAN due to integer overflow to buffer... |
| CVE-2022-25749 | 2022-10-19 | Transient Denial-of-Service in WLAN due to buffer over-read while parsing... |
| CVE-2022-2805 | 2022-10-19 | A flaw was found in ovirt-engine, which leads to the... |
| CVE-2022-31684 | 2022-10-19 | Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may... |
| CVE-2022-33077 | 2022-10-19 | An access control issue in nopcommerce v4.50.2 allows attackers to... |
| CVE-2022-3327 | 2022-10-19 | Missing Authentication for Critical Function in ikus060/rdiffweb |
| CVE-2022-3586 | 2022-10-19 | A flaw was found in the Linux kernel’s networking code.... |