Lista CVE - 2022 / Gennaio

Visualizzazione 501 - 600 di 1988 CVE per Gennaio 2022 (Pagina 6 di 20)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2022-21877	2022-01-11	Storage Spaces Controller Information Disclosure Vulnerability
CVE-2022-21878	2022-01-11	Windows Geolocation Service Remote Code Execution Vulnerability
CVE-2022-21879	2022-01-11	Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-21880	2022-01-11	Windows GDI+ Information Disclosure Vulnerability
CVE-2022-21881	2022-01-11	Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-21882	2022-01-11	Win32k Elevation of Privilege Vulnerability
CVE-2022-21883	2022-01-11	Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-21884	2022-01-11	Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2022-21885	2022-01-11	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2022-21887	2022-01-11	Win32k Elevation of Privilege Vulnerability
CVE-2022-21888	2022-01-11	Windows Modern Execution Server Remote Code Execution Vulnerability
CVE-2022-21889	2022-01-11	Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-21890	2022-01-11	Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-21891	2022-01-11	Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
CVE-2022-21892	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21893	2022-01-11	Remote Desktop Protocol Remote Code Execution Vulnerability
CVE-2022-21894	2022-01-11	Secure Boot Security Feature Bypass Vulnerability
CVE-2022-21895	2022-01-11	Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2022-21896	2022-01-11	Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-21897	2022-01-11	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-21898	2022-01-11	DirectX Graphics Kernel Remote Code Execution Vulnerability
CVE-2022-21899	2022-01-11	Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2022-21900	2022-01-11	Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2022-21901	2022-01-11	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-21902	2022-01-11	Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-21903	2022-01-11	Windows GDI Elevation of Privilege Vulnerability
CVE-2022-21904	2022-01-11	Windows GDI Information Disclosure Vulnerability
CVE-2022-21905	2022-01-11	Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2022-21906	2022-01-11	Windows Defender Application Control Security Feature Bypass Vulnerability
CVE-2022-21907	2022-01-11	HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2022-21908	2022-01-11	Windows Installer Elevation of Privilege Vulnerability
CVE-2022-21910	2022-01-11	Microsoft Cluster Port Driver Elevation of Privilege Vulnerability
CVE-2022-21911	2022-01-11	.NET Framework Denial of Service Vulnerability
CVE-2022-21912	2022-01-11	DirectX Graphics Kernel Remote Code Execution Vulnerability
CVE-2022-21913	2022-01-11	Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass
CVE-2022-21914	2022-01-11	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2022-21915	2022-01-11	Windows GDI+ Information Disclosure Vulnerability
CVE-2022-21916	2022-01-11	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-21917	2022-01-11	HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-21918	2022-01-11	DirectX Graphics Kernel File Denial of Service Vulnerability
CVE-2022-21919	2022-01-11	Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2022-21920	2022-01-11	Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-21921	2022-01-11	Windows Defender Credential Guard Security Feature Bypass Vulnerability
CVE-2022-21922	2022-01-11	Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-21924	2022-01-11	Workstation Service Remote Protocol Security Feature Bypass Vulnerability
CVE-2022-21925	2022-01-11	Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability
CVE-2022-21928	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21929	2022-01-11	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2022-21930	2022-01-11	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2022-21931	2022-01-11	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2022-21932	2022-01-11	Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability
CVE-2022-21954	2022-01-11	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2022-21958	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21959	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21960	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21961	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21962	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21963	2022-01-11	Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2022-21964	2022-01-11	Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability
CVE-2022-21969	2022-01-11	Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-21970	2022-01-11	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2021-46283	2022-01-11	nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization...
CVE-2022-21646	2022-01-11	Lookup operations do not take into account wildcards in SpiceDB
CVE-2021-41767	2022-01-11	Private tunnel identifier may be included in the non-private details of active connections
CVE-2021-43999	2022-01-11	Improper validation of SAML responses
CVE-2022-0087	2022-01-11	Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
CVE-2021-36417	2022-01-12	A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file.
CVE-2021-40559	2022-01-12	A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service.
CVE-2021-40562	2022-01-12	A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.
CVE-2021-40563	2022-01-12	A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.
CVE-2021-40564	2022-01-12	A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.
CVE-2021-40565	2022-01-12	A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service.
CVE-2021-40566	2022-01-12	A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service.
CVE-2021-43860	2022-01-12	Permissions granted to applications can be hidden from the user at install time
CVE-2022-0179	2022-01-12	Missing Authorization in snipe/snipe-it
CVE-2022-20613	2022-01-12	A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
CVE-2022-20614	2022-01-12	A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
CVE-2022-23106	2022-01-12	Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication...
CVE-2022-0159	2022-01-12	Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore
CVE-2021-3852	2022-01-12	Authorization Bypass Through User-Controlled Key in weseek/growi
CVE-2021-44648	2022-01-12	GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
CVE-2021-44649	2022-01-12	Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. The vulnerability allows an...
CVE-2021-44650	2022-01-12	Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components.
CVE-2021-4080	2022-01-12	Unrestricted Upload of File with Dangerous Type in crater-invoice/crater
CVE-2021-44651	2022-01-12	Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the updatePersonalizeSettings component due to an improper security patch for CVE-2021-40175.
CVE-2021-44652	2022-01-12	Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.
CVE-2021-45411	2022-01-12	In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote...
CVE-2021-43436	2022-01-12	MartDevelopers Inc iResturant v1.0 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the...
CVE-2022-0012	2022-01-12	Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability
CVE-2022-0013	2022-01-12	Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File
CVE-2022-0014	2022-01-12	Cortex XDR Agent: Unintended Program Execution When Using Live Terminal Session
CVE-2022-0015	2022-01-12	Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability
CVE-2021-45445	2022-01-12	Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop.
CVE-2021-28377	2022-01-12	ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
CVE-2021-28376	2022-01-12	ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
CVE-2021-43960	2022-01-12	Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go...
CVE-2022-21675	2022-01-12	Bytecode Viewer v2.10.x Zip Slip
CVE-2022-21676	2022-01-12	Uncaught Exception in engine.io
CVE-2021-35500	2022-01-12	TIBCO Data Virtualization Arbitrary File Download vulnerability
CVE-2021-42562	2022-01-12	An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should...