Lista CVE - 2022 / Novembre
Visualizzazione 1701 - 1800 di 2020 CVE per Novembre 2022 (Pagina 18 di 21)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-44259 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter... |
| CVE-2022-44260 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter... |
| CVE-2022-44278 | 2022-11-23 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44280 | 2022-11-23 | Automotive Shop Management System v1.0 is vulnerable to Delete any... |
| CVE-2022-44789 | 2022-11-23 | A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through... |
| CVE-2022-45149 | 2022-11-23 | A vulnerability was found in Moodle which exists due to... |
| CVE-2022-45150 | 2022-11-23 | A reflected cross-site scripting vulnerability was discovered in Moodle. This... |
| CVE-2022-45151 | 2022-11-23 | The stored-XSS vulnerability was discovered in Moodle which exists due... |
| CVE-2022-45276 | 2022-11-23 | An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows... |
| CVE-2022-45278 | 2022-11-23 | Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-45280 | 2022-11-23 | A cross-site scripting (XSS) vulnerability in the Url parameter in... |
| CVE-2022-45462 | 2022-11-23 | Apache DolphinScheduler prior to 2.0.5 have command execution vulnerability |
| CVE-2022-45472 | 2022-11-23 | CAE LearningSpace Enterprise (with Intuity License) image 267r patch 639... |
| CVE-2022-45866 | 2022-11-23 | qpress before PierreLvx/qpress 20220819 and before version 11.3, as used... |
| CVE-2022-45872 | 2022-11-23 | iTerm2 before 3.4.18 mishandles a DECRQSS response. |
| CVE-2022-45873 | 2022-11-23 | systemd 250 and 251 allows local users to achieve a... |
| CVE-2022-4019 | 2022-11-23 | Authenticated user could send multiple requests containing a large payload to a Playbooks API and can crash a Mattermost server |
| CVE-2022-4044 | 2022-11-23 | Authenticated user could send multiple requests containing a large Auto Responder Message payload and can crash a Mattermost server |
| CVE-2022-4045 | 2022-11-23 | Authenticated user could send multiple requests containing a parameter which could fetch a large amount of data and can crash a Mattermost server |
| CVE-2022-42895 | 2022-11-23 | Info Leak in l2cap_core in the Linux Kernel |
| CVE-2022-42896 | 2022-11-23 | Info Leak in l2cap_core in the Linux Kernel |
| CVE-2021-35246 | 2022-11-23 | Unprotected Transport of Credentials (HSTS) Vulnerability |
| CVE-2022-2650 | 2022-11-24 | Improper Restriction of Excessive Authentication Attempts in wger-project/wger |
| CVE-2022-26885 | 2022-11-24 | Apache DolphinScheduler config file read by task risk |
| CVE-2022-4088 | 2022-11-24 | rickxy Stock Management System processlogin.php sql injection |
| CVE-2022-4089 | 2022-11-24 | rickxy Stock Management System processlogin.php cross site scripting |
| CVE-2022-4090 | 2022-11-24 | rickxy Stock Management System cross-site request forgery |
| CVE-2022-4136 | 2022-11-24 | Exposed Dangerous Method or Function in qmpaas/leadshop |
| CVE-2022-44748 | 2022-11-24 | Uploading workflows to KNIME Server may override arbitrary file system contents |
| CVE-2022-44749 | 2022-11-24 | Opening workflows from untrusted resources may override arbitrary file system contents |
| CVE-2022-40266 | 2022-11-24 | Denial-of-Service (DoS) Vulnerability in FTP Server Function on GOT2000 Series |
| CVE-2022-40976 | 2022-11-24 | PILZ: Multiple products affected by ZipSlip |
| CVE-2022-40977 | 2022-11-24 | PILZ: PASvisu and PMI affected by ZipSlip |
| CVE-2022-25164 | 2022-11-24 | Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX... |
| CVE-2022-29825 | 2022-11-24 | Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3... |
| CVE-2022-29826 | 2022-11-24 | Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX... |
| CVE-2022-29827 | 2022-11-24 | Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX... |
| CVE-2022-29828 | 2022-11-24 | Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX... |
| CVE-2022-29829 | 2022-11-24 | Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX... |
| CVE-2022-29830 | 2022-11-24 | Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX... |
| CVE-2022-29831 | 2022-11-24 | Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX... |
| CVE-2022-29832 | 2022-11-24 | Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi... |
| CVE-2022-29833 | 2022-11-24 | Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3... |
| CVE-2022-45218 | 2022-11-25 | Human Resource Management System v1.0.0 was discovered to contain a... |
| CVE-2022-45884 | 2022-11-25 | An issue was discovered in the Linux kernel through 6.0.9.... |
| CVE-2022-45886 | 2022-11-25 | An issue was discovered in the Linux kernel through 6.0.9.... |
| CVE-2022-45888 | 2022-11-25 | An issue was discovered in the Linux kernel through 6.0.9.... |
| CVE-2022-0698 | 2022-11-25 | Microweber version 1.3.1 allows an unauthenticated user to perform an... |
| CVE-2022-23044 | 2022-11-25 | Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker... |
| CVE-2022-2721 | 2022-11-25 | In affected versions of Octopus Server it is possible for... |
| CVE-2022-36133 | 2022-11-25 | The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with... |
| CVE-2022-37720 | 2022-11-25 | Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting... |
| CVE-2022-37721 | 2022-11-25 | PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting... |
| CVE-2022-38166 | 2022-11-25 | In F-Secure Endpoint Protection for Windows and macOS before channel... |
| CVE-2022-38767 | 2022-11-25 | An issue was discovered in Wind River VxWorks 6.9 and... |
| CVE-2022-38813 | 2022-11-25 | PHPGurukul Blood Donor Management System 1.0 does not properly restrict... |
| CVE-2022-39325 | 2022-11-25 | Cross-site scripting vulnerability in BaserCMS |
| CVE-2022-39331 | 2022-11-25 | Cross-site Scripting (XSS) in Nexcloud Desktop Client |
| CVE-2022-39332 | 2022-11-25 | Cross-site scripting (XSS) in Nextcloud Desktop Client |
| CVE-2022-39333 | 2022-11-25 | Cross-site scripting (XSS) in Nextcloud Desktop Client |
| CVE-2022-39334 | 2022-11-25 | nextcloudcmd incorrectly trusts bad TLS certificates |
| CVE-2022-39338 | 2022-11-25 | Stored cross site scripting (XSS) vulnerability via Authorization Endpoint in user_oidc |
| CVE-2022-39339 | 2022-11-25 | Cleartext Transmission of Sensitive Information in user_oidc |
| CVE-2022-39346 | 2022-11-25 | Missing length validation of user displayname in nextcloud server |
| CVE-2022-40282 | 2022-11-25 | The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated... |
| CVE-2022-4091 | 2022-11-25 | SourceCodester Canteen Management System food.php query cross site scripting |
| CVE-2022-41156 | 2022-11-25 | OndiskPlayer Remote Code Execution Vulnerability |
| CVE-2022-41157 | 2022-11-25 | ERP solution Remote Code Execution Vulnerability |
| CVE-2022-41158 | 2022-11-25 | eyoom builder Remote Code Execution Vulnerability |
| CVE-2022-4135 | 2022-11-25 | Heap buffer overflow in GPU in Google Chrome prior to... |
| CVE-2022-4141 | 2022-11-25 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-41705 | 2022-11-25 | Badaso version 2.6.3 allows an unauthenticated remote attacker to execute... |
| CVE-2022-41706 | 2022-11-25 | Browsershot version 3.57.2 allows an external attacker to remotely obtain... |
| CVE-2022-41712 | 2022-11-25 | Frappe version 14.10.0 allows an external attacker to remotely obtain... |
| CVE-2022-41926 | 2022-11-25 | Nextcloud Talk Android broadcast incorrect permission handling |
| CVE-2022-41954 | 2022-11-25 | Temporary File Information Disclosure Vulnerability |
| CVE-2022-41958 | 2022-11-25 | Deserialization Vulnerability by yaml config input in super-xray |
| CVE-2022-43983 | 2022-11-25 | Browsershot version 3.57.2 allows an external attacker to remotely obtain... |
| CVE-2022-43984 | 2022-11-25 | Browsershot version 3.57.3 allows an external attacker to remotely obtain... |
| CVE-2022-44411 | 2022-11-25 | Web Based Quiz System v1.0 transmits user passwords in plaintext... |
| CVE-2022-44843 | 2022-11-25 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... |
| CVE-2022-44844 | 2022-11-25 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... |
| CVE-2022-44858 | 2022-11-25 | Automotive Shop Management System v1.0 was discovered to contain a... |
| CVE-2022-44859 | 2022-11-25 | Automotive Shop Management System v1.0 was discovered to contain a... |
| CVE-2022-44860 | 2022-11-25 | Automotive Shop Management System v1.0 was discovered to contain a... |
| CVE-2022-45036 | 2022-11-25 | A cross-site scripting (XSS) vulnerability in the Search Settings module... |
| CVE-2022-45037 | 2022-11-25 | A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS... |
| CVE-2022-45038 | 2022-11-25 | A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS... |
| CVE-2022-45039 | 2022-11-25 | An arbitrary file upload vulnerability in the Server Settings module... |
| CVE-2022-45040 | 2022-11-25 | A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS... |
| CVE-2022-45152 | 2022-11-25 | A blind Server-Side Request Forgery (SSRF) vulnerability was found in... |
| CVE-2022-45205 | 2022-11-25 | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-45206 | 2022-11-25 | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-45207 | 2022-11-25 | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-45208 | 2022-11-25 | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-45210 | 2022-11-25 | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-45225 | 2022-11-25 | Book Store Management System v1.0 was discovered to contain a... |
| CVE-2022-45475 | 2022-11-25 | Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker... |
| CVE-2022-45476 | 2022-11-25 | Tiny File Manager version 2.4.8 executes the code of files... |
| CVE-2022-45885 | 2022-11-25 | An issue was discovered in the Linux kernel through 6.0.9.... |