Lista CVE - 2022 / Dicembre
Visualizzazione 1601 - 1700 di 2356 CVE per Dicembre 2022 (Pagina 17 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-44488 | 2022-12-21 | AEM URL Redirection to Untrusted Site Security feature bypass |
| CVE-2022-44643 | 2022-12-21 | Access policy with access to all tenants and using label selectors has more access |
| CVE-2022-47512 | 2022-12-21 | Sensitive Data Disclosure Vulnerability |
| CVE-2022-40145 | 2022-12-21 | Apache Karaf: JDBC JAAS LDAP injection |
| CVE-2022-23551 | 2022-12-21 | AAD Pod Identity obtaining token with backslash |
| CVE-2022-46334 | 2022-12-21 | Proofpoint Enterprise Protection Local Privilege Escalation |
| CVE-2022-3183 | 2022-12-21 | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability... |
| CVE-2022-3184 | 2022-12-21 | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability... |
| CVE-2022-3185 | 2022-12-21 | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability... |
| CVE-2022-3186 | 2022-12-21 | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability... |
| CVE-2022-3187 | 2022-12-21 | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability... |
| CVE-2022-3188 | 2022-12-21 | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability... |
| CVE-2022-3189 | 2022-12-21 | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability... |
| CVE-2022-24431 | 2022-12-21 | Command Injection |
| CVE-2022-25893 | 2022-12-21 | Arbitrary Code Execution |
| CVE-2022-25895 | 2022-12-21 | Directory Traversal |
| CVE-2022-25929 | 2022-12-21 | Cross-site Scripting (XSS) |
| CVE-2022-38060 | 2022-12-21 | A privilege escalation vulnerability exists in the sudo functionality of... |
| CVE-2022-38065 | 2022-12-21 | A privilege escalation vulnerability exists in the oslo.privsep functionality of... |
| CVE-2020-36624 | 2022-12-22 | ahorner text-helpers translation.rb reverse tabnabbing |
| CVE-2020-36625 | 2022-12-22 | destiny.gg chat main.go websocket.Upgrader cross-site request forgery |
| CVE-2022-3032 | 2022-12-22 | When receiving an HTML email that contained an <code>iframe</code> element,... |
| CVE-2022-40897 | 2022-12-22 | Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers... |
| CVE-2022-47928 | 2022-12-22 | In MISP before 2.4.167, there is XSS in the template... |
| CVE-2020-15679 | 2022-12-22 | An OAuth session fixation vulnerability existed in the VPN login... |
| CVE-2020-15685 | 2022-12-22 | During the plaintext phase of the STARTTLS connection setup, protocol... |
| CVE-2021-36631 | 2022-12-22 | Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier... |
| CVE-2021-4126 | 2022-12-22 | When receiving an OpenPGP/MIME signed email message that contains an... |
| CVE-2021-4127 | 2022-12-22 | An out of date graphics library (Angle) likely contained vulnerabilities... |
| CVE-2021-4128 | 2022-12-22 | When transitioning in and out of fullscreen mode, a graphics... |
| CVE-2021-4129 | 2022-12-22 | Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele... |
| CVE-2021-4140 | 2022-12-22 | It was possible to construct specific XSLT markup that would... |
| CVE-2021-4221 | 2022-12-22 | If a domain name contained a RTL character, it would... |
| CVE-2021-43657 | 2022-12-22 | A Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester... |
| CVE-2022-0511 | 2022-12-22 | Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell... |
| CVE-2022-0517 | 2022-12-22 | Mozilla VPN can load an OpenSSL configuration file from an... |
| CVE-2022-0566 | 2022-12-22 | It may be possible for an attacker to craft an... |
| CVE-2022-0843 | 2022-12-22 | Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported... |
| CVE-2022-1097 | 2022-12-22 | <code>NSSToken</code> objects were referenced via direct points, and could have... |
| CVE-2022-1196 | 2022-12-22 | After a VR Process is destroyed, a reference to it... |
| CVE-2022-1197 | 2022-12-22 | When importing a revoked key that specified key compromise as... |
| CVE-2022-1520 | 2022-12-22 | When viewing an email message A, which contains an attached... |
| CVE-2022-1529 | 2022-12-22 | An attacker could have sent a message to the parent... |
| CVE-2022-1802 | 2022-12-22 | If an attacker was able to corrupt the methods of... |
| CVE-2022-1834 | 2022-12-22 | When displaying the sender of an email, and the sender... |
| CVE-2022-1887 | 2022-12-22 | The search term could have been specified externally to trigger... |
| CVE-2022-2200 | 2022-12-22 | If an object prototype was corrupted by an attacker, they... |
| CVE-2022-2226 | 2022-12-22 | An OpenPGP digital signature includes information about the date when... |
| CVE-2022-22736 | 2022-12-22 | If Firefox was installed to a world-writable directory, a local... |
| CVE-2022-22737 | 2022-12-22 | Constructing audio sinks could have lead to a race condition... |
| CVE-2022-22738 | 2022-12-22 | Applying a CSS filter effect could have accessed out of... |
| CVE-2022-22739 | 2022-12-22 | Malicious websites could have tricked users into accepting launching a... |
| CVE-2022-22740 | 2022-12-22 | Certain network request objects were freed too early when releasing... |
| CVE-2022-22741 | 2022-12-22 | When resizing a popup while requesting fullscreen access, the popup... |
| CVE-2022-22742 | 2022-12-22 | When inserting text while in edit mode, some characters might... |
| CVE-2022-22743 | 2022-12-22 | When navigating from inside an iframe while requesting fullscreen access,... |
| CVE-2022-22744 | 2022-12-22 | The constructed curl command from the "Copy as curl" feature... |
| CVE-2022-22745 | 2022-12-22 | Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.... |
| CVE-2022-22746 | 2022-12-22 | A race condition could have allowed bypassing the fullscreen notification... |
| CVE-2022-22747 | 2022-12-22 | After accepting an untrusted certificate, handling an empty pkcs7 sequence... |
| CVE-2022-22748 | 2022-12-22 | Malicious websites could have confused Firefox into showing the wrong... |
| CVE-2022-22749 | 2022-12-22 | When scanning QR codes, Firefox for Android would have allowed... |
| CVE-2022-22750 | 2022-12-22 | By generally accepting and passing resource handles across processes, a... |
| CVE-2022-22751 | 2022-12-22 | Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer,... |
| CVE-2022-22752 | 2022-12-22 | Mozilla developers Christian Holler and Jason Kratzer reported memory safety... |
| CVE-2022-22753 | 2022-12-22 | A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service... |
| CVE-2022-22754 | 2022-12-22 | If a user installed an extension of a particular type,... |
| CVE-2022-22755 | 2022-12-22 | By using XSL Transforms, a malicious webserver could have served... |
| CVE-2022-22756 | 2022-12-22 | If a user was convinced to drag and drop an... |
| CVE-2022-22757 | 2022-12-22 | Remote Agent, used in WebDriver, did not validate the Host... |
| CVE-2022-22758 | 2022-12-22 | When clicking on a tel: link, USSD codes, specified after... |
| CVE-2022-22759 | 2022-12-22 | If a document created a sandboxed iframe without <code>allow-scripts</code>, and... |
| CVE-2022-22760 | 2022-12-22 | When importing resources using Web Workers, error messages would distinguish... |
| CVE-2022-22761 | 2022-12-22 | Web-accessible extension pages (pages with a moz-extension:// scheme) were not... |
| CVE-2022-22762 | 2022-12-22 | Under certain circumstances, a JavaScript alert (or prompt) could have... |
| CVE-2022-22763 | 2022-12-22 | When a worker is shutdown, it was possible to cause... |
| CVE-2022-22764 | 2022-12-22 | Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported... |
| CVE-2022-2505 | 2022-12-22 | Mozilla developers and the Mozilla Fuzzing Team reported memory safety... |
| CVE-2022-26381 | 2022-12-22 | An attacker could have caused a use-after-free by forcing a... |
| CVE-2022-26382 | 2022-12-22 | While the text displayed in Autofill tooltips cannot be directly... |
| CVE-2022-26383 | 2022-12-22 | When resizing a popup after requesting fullscreen access, the popup... |
| CVE-2022-26384 | 2022-12-22 | If an attacker could control the contents of an iframe... |
| CVE-2022-26385 | 2022-12-22 | In unusual circumstances, an individual thread may outlive the thread's... |
| CVE-2022-26386 | 2022-12-22 | Previously Firefox for macOS and Linux would download temporary files... |
| CVE-2022-26387 | 2022-12-22 | When installing an add-on, Firefox verified the signature before prompting... |
| CVE-2022-26485 | 2022-12-22 | Removing an XSLT parameter during processing could have lead to... |
| CVE-2022-26486 | 2022-12-22 | An unexpected message in the WebGPU IPC framework could lead... |
| CVE-2022-28281 | 2022-12-22 | If a compromised content process sent an unexpected number of... |
| CVE-2022-28282 | 2022-12-22 | By using a link with <code>rel="localization"</code> a use-after-free could have... |
| CVE-2022-28283 | 2022-12-22 | The sourceMapURL feature in devtools was missing security checks that... |
| CVE-2022-28284 | 2022-12-22 | SVG's <code><use></code> element could have been used to load unexpected... |
| CVE-2022-28285 | 2022-12-22 | When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet... |
| CVE-2022-28286 | 2022-12-22 | Due to a layout change, iframe contents could have been... |
| CVE-2022-28287 | 2022-12-22 | In unusual circumstances, selecting text could cause text selection caching... |
| CVE-2022-28288 | 2022-12-22 | Mozilla developers and community members Randell Jesup, Sebastian Hengst, and... |
| CVE-2022-28289 | 2022-12-22 | Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele... |
| CVE-2022-29909 | 2022-12-22 | Documents in deeply-nested cross-origin browsing contexts could have obtained permissions... |
| CVE-2022-29910 | 2022-12-22 | When closed or sent to the background, Firefox for Android... |
| CVE-2022-29911 | 2022-12-22 | An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code>... |
| CVE-2022-29912 | 2022-12-22 | Requests initiated through reader mode did not properly omit cookies... |