Lista CVE - 2022 / Novembre
Visualizzazione 1401 - 1500 di 2020 CVE per Novembre 2022 (Pagina 15 di 21)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-45471 | 2022-11-18 | In JetBrains Hub before 2022.3.15181 Throttling was missed when sending... |
| CVE-2022-22488 | 2022-11-18 | IBM OpenBMC denial of service |
| CVE-2022-38974 | 2022-11-18 | WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability |
| CVE-2022-41840 | 2022-11-18 | WordPress Welcart eCommerce plugin <= 2.7.7 - Unauth. Directory Traversal vulnerability |
| CVE-2022-41652 | 2022-11-18 | WordPress Quiz And Survey Master plugin <= 7.3.10 - Bypass vulnerability |
| CVE-2022-40686 | 2022-11-18 | WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-41805 | 2022-11-18 | WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-40687 | 2022-11-18 | WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-43463 | 2022-11-18 | WordPress Custom Product Tabs for WooCommerce plugin <= 1.7.9 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-41692 | 2022-11-18 | WordPress Appointment Hour Booking plugin <= 1.3.71 - Missing Authorization vulnerability |
| CVE-2022-38075 | 2022-11-18 | WordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) |
| CVE-2022-41781 | 2022-11-18 | WordPress Permalink Manager Lite plugin <= 2.2.20 - Broken Access Control vulnerability |
| CVE-2022-43482 | 2022-11-18 | WordPress Appointment Booking Calendar plugin <= 1.3.69 - Missing Authorization vulnerability |
| CVE-2022-42461 | 2022-11-18 | WordPress miniOrange's Google Authenticator plugin <= 5.6.1 - Broken Access Control vulnerability |
| CVE-2022-2794 | 2022-11-18 | Certain HP PageWide Pro Printers may be vulnerable to a... |
| CVE-2022-38395 | 2022-11-18 | HP Support Assistant uses HP Performance Tune-up as a diagnostic... |
| CVE-2022-45073 | 2022-11-18 | WordPress REST API Authentication plugin <= 2.4.0 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-40698 | 2022-11-18 | WordPress Quiz And Survey Master plugin <= 7.3.10 - Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-42883 | 2022-11-18 | WordPress Quiz And Survey Master plugin <= 7.3.10 - Sensitive Information Disclosure vulnerability |
| CVE-2022-41839 | 2022-11-18 | WordPress LoginPress plugin <= 1.6.2 - Broken Access Control vulnerability |
| CVE-2022-45369 | 2022-11-18 | WordPress Plugin for Google Reviews plugin <= 2.2.2 - Auth. Broken Access Control vulnerability |
| CVE-2022-44634 | 2022-11-18 | WordPress S2W – Import Shopify to WooCommerce plugin <= 1.1.12 - Auth. Arbitrary File Read vulnerability |
| CVE-2022-45082 | 2022-11-18 | WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-44584 | 2022-11-18 | WordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Deletion vulnerability |
| CVE-2022-44583 | 2022-11-18 | WordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Download vulnerability |
| CVE-2022-44740 | 2022-11-18 | WordPress Creative Mail plugin <= 1.5.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| CVE-2022-43492 | 2022-11-18 | WordPress Comments – wpDiscuz plugin 7.4.2 - Auth. Insecure Direct Object References (IDOR) vulnerability |
| CVE-2022-41788 | 2022-11-18 | WordPress Soledad premium theme <= 8.2.5 - Auth. Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-42497 | 2022-11-18 | WordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary Code Execution vulnerability |
| CVE-2022-42698 | 2022-11-18 | WordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary File Upload vulnerability |
| CVE-2022-40695 | 2022-11-18 | WordPress SEO Redirection Plugin plugin <= 8.9 - Multiple Cross-Site Scripting (CSRF) vulnerabilities |
| CVE-2022-42459 | 2022-11-18 | WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerability |
| CVE-2022-41685 | 2022-11-18 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Integration for Szamlazz.hu & WooCommerce and Csomagpontok és szállítási címkék WooCommerce hez plugins |
| CVE-2022-40963 | 2022-11-18 | WordPress WP Page Builder plugin <= 1.2.6 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-41643 | 2022-11-18 | WordPress Accessibility plugin <= 1.0.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-41655 | 2022-11-18 | WordPress Phone Orders for WooCommerce plugin <= 3.7.1 - Auth. Sensitive Data Exposure vulnerability |
| CVE-2022-41135 | 2022-11-18 | WordPress Modula plugin <= 2.6.9 - Unauth. Plugin Settings Change vulnerability |
| CVE-2022-41634 | 2022-11-18 | WordPress Media Library Folders plugin <= 7.1.1 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-41615 | 2022-11-18 | WordPress Store Locator plugin <= 1.4.5 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-41618 | 2022-11-18 | WordPress Media Library Assistant plugin <= 3.00 - Unauthenticated Error Log Disclosure vulnerability |
| CVE-2022-40130 | 2022-11-18 | WordPress WP-Polls plugin <= 2.76.0 - Auth. Race Condition vulnerability |
| CVE-2022-40216 | 2022-11-18 | WordPress Better Messages plugin <= 1.9.10.69 - Auth. Messaging Block Bypass vulnerability |
| CVE-2022-41155 | 2022-11-18 | WordPress iQ Block Country plugin <= 1.2.18 - Block BYPASS vulnerability |
| CVE-2022-41609 | 2022-11-18 | WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability |
| CVE-2022-4065 | 2022-11-19 | cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal |
| CVE-2022-4064 | 2022-11-19 | Dalli Meta Protocol request_formatter.rb self.meta_set injection |
| CVE-2022-4066 | 2022-11-19 | davidmoreno onion Log response.c onion_response_flush allocation of resources |
| CVE-2022-41938 | 2022-11-19 | Cross site scripting vulnerability with discussion titles in flarum |
| CVE-2022-41939 | 2022-11-19 | Credential exposure when running third-party builders in knative/func |
| CVE-2022-3516 | 2022-11-20 | Cross-site Scripting (XSS) - Stored in librenms/librenms |
| CVE-2022-3525 | 2022-11-20 | Deserialization of Untrusted Data in librenms/librenms |
| CVE-2022-3561 | 2022-11-20 | Cross-site Scripting (XSS) - Generic in librenms/librenms |
| CVE-2022-3562 | 2022-11-20 | Cross-site Scripting (XSS) - Stored in librenms/librenms |
| CVE-2022-4067 | 2022-11-20 | Cross-site Scripting (XSS) - Stored in librenms/librenms |
| CVE-2022-4068 | 2022-11-20 | Improperly Controlled Modification of Dynamically-Determined Object Attributes in librenms/librenms |
| CVE-2022-4069 | 2022-11-20 | Cross-site Scripting (XSS) - Generic in librenms/librenms |
| CVE-2022-4070 | 2022-11-20 | Insufficient Session Expiration in librenms/librenms |
| CVE-2022-3388 | 2022-11-21 | Input Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 Products |
| CVE-2022-45146 | 2022-11-21 | An issue was discovered in the FIPS Java API of... |
| CVE-2020-23582 | 2022-11-21 | A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2... |
| CVE-2021-24649 | 2022-11-21 | WP User Frontend < 3.5.29 - Obscure Registration as Admin |
| CVE-2022-0421 | 2022-11-21 | Five Star Restaurant Reservations < 2.4.12 - Unauthenticated Arbitrary Payment Status Update to Stored XSS |
| CVE-2022-1578 | 2022-11-21 | My wpdb < 2.5 - Arbitrary SQL Query via CSRF |
| CVE-2022-1579 | 2022-11-21 | Login Block IPs <= 1.0.0 - IP Spoofing Bypass |
| CVE-2022-1581 | 2022-11-21 | WP-Polls < 2.76.0 - IP Validation Bypass |
| CVE-2022-30257 | 2022-11-21 | An issue was discovered in Technitium DNS Server through 8.0.2... |
| CVE-2022-30258 | 2022-11-21 | An issue was discovered in Technitium DNS Server through 8.0.2... |
| CVE-2022-3336 | 2022-11-21 | Event Monster < 1.2.0 - Visitors Deletion via CSRF |
| CVE-2022-35897 | 2022-11-21 | An stack buffer overflow vulnerability leads to arbitrary code execution... |
| CVE-2022-3600 | 2022-11-21 | Easy Digital Downloads < 3.1.0.2 - Unauthenticated CSV Injection |
| CVE-2022-3618 | 2022-11-21 | Spacer < 3.0.7 - Admin+ Stored XSS |
| CVE-2022-3634 | 2022-11-21 | Contact Form 7 Database Addon < 1.2.6.5 - CSV Injection |
| CVE-2022-3688 | 2022-11-21 | WPQA < 5.9 - Follow/Unfollow via CSRF |
| CVE-2022-3690 | 2022-11-21 | Popup Maker < 1.16.11 - Contributor+ Stored Cross Site Scripting |
| CVE-2022-3691 | 2022-11-21 | DeepL Pro API Translation < 1.7.5 - API Key Disclosure |
| CVE-2022-3720 | 2022-11-21 | Event Monster < 1.2.1 - Admin+ SQLi |
| CVE-2022-3750 | 2022-11-21 | Ask Me < 6.8.7 - Post Deletion via CSRF |
| CVE-2022-3753 | 2022-11-21 | Evaluate <= 1.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3762 | 2022-11-21 | Booster for WooCommerce - ShopManager+ Arbitrary File Download |
| CVE-2022-3763 | 2022-11-21 | Booster for WooCommerce - Checkout Files Deletion via CSRF |
| CVE-2022-38146 | 2022-11-21 | Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 of 3). |
| CVE-2022-38148 | 2022-11-21 | Silverstripe silverstripe/framework through 4.11 allows SQL Injection. |
| CVE-2022-38755 | 2022-11-21 | Filr Remote unauthenticated user enumeration for versions prior to 4.3.1.1 |
| CVE-2022-40470 | 2022-11-21 | Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting... |
| CVE-2022-4087 | 2022-11-21 | iPXE TLS tls.c tls_new_ciphertext information exposure |
| CVE-2022-4093 | 2022-11-21 | SQL Injection in dolibarr/dolibarr |
| CVE-2022-4096 | 2022-11-21 | Server-Side Request Forgery (SSRF) in appsmithorg/appsmith |
| CVE-2022-4105 | 2022-11-21 | Cross-site Scripting (XSS) - Stored in kiwitcms/kiwi |
| CVE-2022-41945 | 2022-11-21 | Remote Code Execution (RCE) vulnerability in super-xray via URL input |
| CVE-2022-42096 | 2022-11-21 | Backdrop CMS version 1.23.0 was discovered to contain a stored... |
| CVE-2022-43117 | 2022-11-21 | Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was... |
| CVE-2022-43143 | 2022-11-21 | A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows... |
| CVE-2022-43707 | 2022-11-21 | MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in the... |
| CVE-2022-43708 | 2022-11-21 | MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting... |
| CVE-2022-43709 | 2022-11-21 | MyBB 1.8.31 has a SQL injection vulnerability in the Admin... |
| CVE-2022-44156 | 2022-11-21 | Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function... |
| CVE-2022-44158 | 2022-11-21 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function... |
| CVE-2022-44163 | 2022-11-21 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function... |
| CVE-2022-44167 | 2022-11-21 | Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function... |
| CVE-2022-44168 | 2022-11-21 | Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function... |