Lista CVE - 2022 / Dicembre
Visualizzazione 2101 - 2200 di 2356 CVE per Dicembre 2022 (Pagina 22 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-45433 | 2022-12-27 | Some Dahua software products have a vulnerability of unauthenticated traceroute... |
| CVE-2022-45434 | 2022-12-27 | Some Dahua software products have a vulnerability of unauthenticated un-throttled... |
| CVE-2022-45778 | 2022-12-27 | https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect... |
| CVE-2022-45963 | 2022-12-27 | h3c firewall <= 3.10 ESS6703 has a privilege bypass vulnerability. |
| CVE-2022-46442 | 2022-12-27 | dedecms <=V5.7.102 is vulnerable to SQL Injection. In sys_ sql_... |
| CVE-2022-46763 | 2022-12-27 | A SQL injection issue in a database stored function in... |
| CVE-2022-46764 | 2022-12-27 | A SQL injection issue in the web API in TrueConf... |
| CVE-2022-4767 | 2022-12-27 | Denial of Service in usememos/memos |
| CVE-2022-47968 | 2022-12-27 | Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS... |
| CVE-2015-10005 | 2022-12-27 | markdown-it html_re.js redos |
| CVE-2018-25049 | 2022-12-27 | email-existence index.js redos |
| CVE-2022-4748 | 2022-12-27 | FlatPress File Delete panel.mediamanager.file.php doItemActions path traversal |
| CVE-2019-25086 | 2022-12-27 | IET-OU Open Media Player timedtext.php webvtt cross site scripting |
| CVE-2019-25087 | 2022-12-27 | RamseyK httpserver URI ResourceHost.cpp getResource path traversal |
| CVE-2022-4755 | 2022-12-27 | FlatPress Media Manager Plugin panel.mediamanager.file.php main cross site scripting |
| CVE-2019-25088 | 2022-12-27 | ytti Oxidized Web conf_search.haml cross site scripting |
| CVE-2021-4282 | 2022-12-27 | FreePBX voicemail page.voicemail.php cross site scripting |
| CVE-2021-4283 | 2022-12-27 | FreeBPX voicemail Settings ssettings.php cross site scripting |
| CVE-2021-4284 | 2022-12-27 | OpenMRS HTML Form Entry UI Framework Integration Module cross site scripting |
| CVE-2021-4285 | 2022-12-27 | Nagios NCPA tail.html cross site scripting |
| CVE-2021-4286 | 2022-12-27 | cocagne pysrp _ctsrp.py calculate_x information exposure |
| CVE-2021-4287 | 2022-12-27 | ReFirm Labs binwalk Archive Extraction extractor.py symlink |
| CVE-2019-25089 | 2022-12-27 | Morgawr Muon handler.clj random values |
| CVE-2019-25090 | 2022-12-27 | FreePBX arimanager Views cross site scripting |
| CVE-2020-36633 | 2022-12-27 | moodle-block_sitenews block_sitenews.php get_content cross-site request forgery |
| CVE-2022-4766 | 2022-12-27 | dolibarr_project_timesheet Form cross-site request forgery |
| CVE-2021-4288 | 2022-12-27 | OpenMRS openmrs-module-referenceapplication userApp.gsp cross site scripting |
| CVE-2020-36634 | 2022-12-27 | Indeed Engineering util ViewExportedVariablesServlet.java appendTo cross site scripting |
| CVE-2021-4289 | 2022-12-27 | OpenMRS openmrs-module-referenceapplication User App Page UserAppPageController.java post cross site scripting |
| CVE-2022-3156 | 2022-12-27 | Rockwell Automation Studio 5000 Logix Emulate Vulnerable to a Remote Code Execution Vulnerability |
| CVE-2020-36567 | 2022-12-27 | Arbitrary log line injection in github.com/gin-gonic/gin |
| CVE-2020-36568 | 2022-12-27 | Resource exhaustion in github.com/revel/revel |
| CVE-2020-36569 | 2022-12-27 | Authentication bypass in github.com/nanobox-io/golang-nanoauth |
| CVE-2017-20146 | 2022-12-27 | Improper access control in github.com/gorilla/handlers |
| CVE-2014-125026 | 2022-12-27 | Out-of-bounds write in github.com/cloudflare/golz4 |
| CVE-2015-10004 | 2022-12-27 | Timing side-channel in github.com/robbert229/jwt |
| CVE-2013-10005 | 2022-12-27 | Infinite loop in github.com/btcsuite/go-socks |
| CVE-2018-25046 | 2022-12-27 | Path traversal in code.cloudfoundry.org/archiver |
| CVE-2019-25073 | 2022-12-27 | Path traversal in github.com/goadesign/goa |
| CVE-2020-36559 | 2022-12-27 | Path Traversal in aahframe.work |
| CVE-2020-36560 | 2022-12-27 | Path traversal in github.com/artdarek/go-unzip |
| CVE-2020-36561 | 2022-12-27 | Path traversal in github.com/yi-ge/unzip |
| CVE-2019-25072 | 2022-12-27 | Uncontrolled resource consumption in github.com/tendermint/tendermint |
| CVE-2020-36562 | 2022-12-27 | Uncontrolled Resource Consumption in github.com/shiyanhui/dht |
| CVE-2016-15005 | 2022-12-27 | Cryptographically weak random number generation in github.com/dinever/golf |
| CVE-2020-36563 | 2022-12-27 | Weak hash (SHA-1) in github.com/RobotsAndPencils/go-saml |
| CVE-2020-36564 | 2022-12-27 | Improper input validation in github.com/justinas/nosurf |
| CVE-2021-4235 | 2022-12-27 | Denial of service in gopkg.in/yaml.v2 |
| CVE-2020-36566 | 2022-12-27 | Path traversal in github.com/whyrusleeping/tar-utils |
| CVE-2021-4236 | 2022-12-27 | Panic or authentication bypass in github.com/ecnepsnai/web |
| CVE-2022-2582 | 2022-12-27 | Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go |
| CVE-2022-2583 | 2022-12-27 | Race condition in github.com/ntbosscher/gobase |
| CVE-2021-4238 | 2022-12-27 | Insufficient randomness in github.com/Masterminds/goutils |
| CVE-2022-2584 | 2022-12-27 | Panic when decoding invalid blocks in github.com/ipld/go-codec-dagpb |
| CVE-2021-4239 | 2022-12-27 | Weak encryption and denial of service in github.com/flynn/noise |
| CVE-2022-3064 | 2022-12-27 | Excessive resource consumption in gopkg.in/yaml.v2 |
| CVE-2022-3346 | 2022-12-27 | Incorrect DNSSEC validation due to unchecked owner names in github.com/peterzen/goresolver |
| CVE-2022-3347 | 2022-12-27 | Incorrect validation of root DNSSEC public keys in github.com/peterzen/goresolver |
| CVE-2022-4768 | 2022-12-27 | Dropbox merou SSH Public Key public_key.py add_public_key injection |
| CVE-2021-4290 | 2022-12-27 | DHBW Fallstudie Login passport.js sql injection |
| CVE-2019-25091 | 2022-12-27 | nsupdate.info CSRF Cookie base.py cookie httponly flag |
| CVE-2022-4772 | 2022-12-27 | Widoco WidocoUtils.java unZipIt path traversal |
| CVE-2020-36635 | 2022-12-27 | OpenMRS Appointment Scheduling Module AppointmentTypeValidator.java validateFieldName cross site scripting |
| CVE-2021-4291 | 2022-12-27 | OpenMRS Admin UI Module location.gsp cross site scripting |
| CVE-2021-4292 | 2022-12-27 | OpenMRS Admin UI Module Manage Privilege Page privilege.gsp cross site scripting |
| CVE-2020-36636 | 2022-12-27 | OpenMRS Admin UI Module Account Setup AccountPageController.java sendErrorMessage cross site scripting |
| CVE-2022-4773 | 2022-12-27 | cloudsync LocalFilesystemConnector.java getItem path traversal |
| CVE-2022-41966 | 2022-12-27 | XStream Denial of Service via stack overflow |
| CVE-2022-41967 | 2022-12-27 | Improper Restriction of XML External Entity Reference in Dragonfly |
| CVE-2022-23544 | 2022-12-27 | Server-Side Request Forgery in Metersphere leads to Cross-Site Scripting |
| CVE-2022-38202 | 2022-12-28 | BUG-000152121 - Directory traversal vulnerability in ArcGIS Server. |
| CVE-2022-39012 | 2022-12-28 | Huawei Aslan Children's Watch has an improper input validation vulnerability.... |
| CVE-2022-41579 | 2022-12-28 | There is an insufficient authentication vulnerability in some Huawei band... |
| CVE-2022-44564 | 2022-12-28 | Huawei Aslan Children's Watch has a path traversal vulnerability. Successful... |
| CVE-2022-45874 | 2022-12-28 | Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful... |
| CVE-2022-46740 | 2022-12-28 | There is a denial of service vulnerability in the Wi-Fi... |
| CVE-2022-4796 | 2022-12-28 | Incorrect Use of Privileged APIs in usememos/memos |
| CVE-2022-4797 | 2022-12-28 | Improper Restriction of Excessive Authentication Attempts in usememos/memos |
| CVE-2022-4798 | 2022-12-28 | Authorization Bypass Through User-Controlled Key in usememos/memos |
| CVE-2022-4799 | 2022-12-28 | Authorization Bypass Through User-Controlled Key in usememos/memos |
| CVE-2022-4800 | 2022-12-28 | Improper Verification of Source of a Communication Channel in usememos/memos |
| CVE-2022-4801 | 2022-12-28 | Insufficient Granularity of Access Control in usememos/memos |
| CVE-2022-4802 | 2022-12-28 | Authorization Bypass Through User-Controlled Key in usememos/memos |
| CVE-2022-4803 | 2022-12-28 | Authorization Bypass Through User-Controlled Key in usememos/memos |
| CVE-2022-4804 | 2022-12-28 | Improper Authorization in usememos/memos |
| CVE-2022-4805 | 2022-12-28 | Incorrect Use of Privileged APIs in usememos/memos |
| CVE-2022-4806 | 2022-12-28 | Authorization Bypass Through User-Controlled Key in usememos/memos |
| CVE-2022-4807 | 2022-12-28 | Improper Access Control in usememos/memos |
| CVE-2022-4808 | 2022-12-28 | Improper Privilege Management in usememos/memos |
| CVE-2022-4809 | 2022-12-28 | Improper Access Control in usememos/memos |
| CVE-2022-4810 | 2022-12-28 | Improper Access Control in usememos/memos |
| CVE-2022-4811 | 2022-12-28 | Authorization Bypass Through User-Controlled Key in usememos/memos |
| CVE-2022-4812 | 2022-12-28 | Authorization Bypass Through User-Controlled Key in usememos/memos |
| CVE-2022-4813 | 2022-12-28 | Insufficient Granularity of Access Control in usememos/memos |
| CVE-2022-4814 | 2022-12-28 | Improper Access Control in usememos/memos |
| CVE-2022-23555 | 2022-12-28 | authentik vulnerable to Improper Authentication via invitation URL token reuse |
| CVE-2022-46172 | 2022-12-28 | authentik allows existing authenticated users to create arbitrary accounts |
| CVE-2022-46173 | 2022-12-28 | Elrond go Processing: fallback search of SCRs when not found in the main cache |
| CVE-2022-46174 | 2022-12-28 | Race condition during concurrent TLS mounts in efs-utils |
| CVE-2022-46179 | 2022-12-28 | LiuOS vulnerable to Authorization Bypass through User-Controlled Key |