Lista CVE - 2022 / Febbraio
Visualizzazione 1501 - 1600 di 1942 CVE per Febbraio 2022 (Pagina 16 di 20)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-0630 | 2022-02-19 | Out-of-bounds Read in mruby/mruby |
| CVE-2022-0632 | 2022-02-19 | NULL Pointer Dereference in mruby/mruby |
| CVE-2022-23376 | 2022-02-19 | WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different... |
| CVE-2022-23375 | 2022-02-19 | WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability.... |
| CVE-2022-0689 | 2022-02-19 | Use multiple time the one-time coupon in microweber/microweber |
| CVE-2022-0690 | 2022-02-19 | Cross-site Scripting (XSS) - Reflected in microweber/microweber |
| CVE-2016-1239 | 2022-02-19 | duck before 0.10 did not properly handle loading of untrusted... |
| CVE-2021-46700 | 2022-02-19 | In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has... |
| CVE-2022-0685 | 2022-02-20 | Use of Out-of-range Pointer Offset in vim/vim |
| CVE-2022-0686 | 2022-02-20 | Authorization Bypass Through User-Controlled Key in unshiftio/url-parse |
| CVE-2021-45007 | 2022-02-20 | Plesk 18.0.37 is affected by a Cross Site Request Forgery... |
| CVE-2022-0688 | 2022-02-20 | Business Logic Errors in microweber/microweber |
| CVE-2021-45081 | 2022-02-20 | An issue was discovered in Cobbler through 3.3.1. Routines in... |
| CVE-2021-45083 | 2022-02-20 | An issue was discovered in Cobbler before 3.3.1. Files in... |
| CVE-2022-23848 | 2022-02-20 | In Alluxio before 2.7.3, the logserver does not validate the... |
| CVE-2022-22126 | 2022-02-20 | Openmct XSS via the “Web Page” element |
| CVE-2022-23053 | 2022-02-20 | Openmct XSS via the “Condition Widget” |
| CVE-2022-23054 | 2022-02-20 | Openmct XSS via the “Summary Widget” |
| CVE-2022-25372 | 2022-02-20 | Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation,... |
| CVE-2022-25375 | 2022-02-20 | An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel... |
| CVE-2021-46701 | 2022-02-20 | PreMiD 2.2.0 allows unintended access via the websocket transport. An... |
| CVE-2021-4115 | 2022-02-21 | There is a flaw in polkit which can allow an... |
| CVE-2021-44141 | 2022-02-21 | All versions of Samba prior to 4.15.5 are vulnerable to... |
| CVE-2022-0563 | 2022-02-21 | A flaw was found in the util-linux chfn and chsh... |
| CVE-2022-0564 | 2022-02-21 | Qlik Sense Enterprise Domain User enumeration |
| CVE-2022-0691 | 2022-02-21 | Authorization Bypass Through User-Controlled Key in unshiftio/url-parse |
| CVE-2022-0696 | 2022-02-21 | NULL Pointer Dereference in vim/vim |
| CVE-2022-25297 | 2022-02-21 | Arbitrary File Write |
| CVE-2021-24867 | 2022-02-21 | Backdoored Plugins & Themes from AccessPress Themes |
| CVE-2021-24921 | 2022-02-21 | Advanced Database Cleaner < 3.0.4 - Reflected Cross-Site Scripting |
| CVE-2021-25055 | 2022-02-21 | FeedWordPress < 2022.0123 - Reflected Cross-Site Scripting (XSS) |
| CVE-2021-25057 | 2022-02-21 | Translation Exchange <= 1.0.14 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-25058 | 2022-02-21 | The Buffer Button <= 1.0 - Authenticated Stored Cross Site Scripting (XSS) |
| CVE-2021-25060 | 2022-02-21 | Five Star Business Profile and Schema < 2.1.7 - Subscriber+ Page Creation & Settings Update to Stored XSS |
| CVE-2021-25069 | 2022-02-21 | WordPress Download Manager < 3.2.34 - Authenticated SQL Injection to Reflected XSS |
| CVE-2021-25075 | 2022-02-21 | Duplicate Page or Post < 1.5.1 - Arbitrary Settings Update to Stored XSS |
| CVE-2021-25082 | 2022-02-21 | Popup Builder < 4.0.7 - LFI to RCE |
| CVE-2021-25099 | 2022-02-21 | Give < 2.17.3 - Unauthenticated Reflected Cross-Site Scripting |
| CVE-2021-25100 | 2022-02-21 | Give < 2.17.3 - Reflected Cross-Site Scripting via Donation Forms Dashboard |
| CVE-2021-25101 | 2022-02-21 | Anti-Malware Security and Brute-Force Firewall < 4.20.94 - Admin+ Reflected Cross-Site Scripting |
| CVE-2021-4208 | 2022-02-21 | ExportFeed <= 2.0.1.0 - Admin+ SQL Injection |
| CVE-2022-0134 | 2022-02-21 | AnyComment < 0.2.18 - Arbitrary HyperComments Import/Revert via CSRF |
| CVE-2022-0164 | 2022-02-21 | Coming soon and Maintenance mode < 3.6.7 - Subscriber+ Arbitrary Email Sending to Subscribed Users |
| CVE-2022-0186 | 2022-02-21 | Image Photo Gallery Final Tiles Grid < 3.5.3 - Contributor+ Stored Cross-Site Scripting |
| CVE-2022-0199 | 2022-02-21 | Coming soon and Maintenance mode < 3.6.8 - Arbitrary Email Sending to Subscribed Users via CSRF |
| CVE-2022-0211 | 2022-02-21 | Shield Security < 13.0.6 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0228 | 2022-02-21 | Popup Builder < 4.0.7 - Admin+ SQL Injection |
| CVE-2022-0234 | 2022-02-21 | WOOCS < 1.3.7.5 - Reflected Cross-Site Scripting |
| CVE-2022-0252 | 2022-02-21 | Give < 2.17.3 - Reflected Cross-Site Scripting via Import Tool |
| CVE-2022-0255 | 2022-02-21 | Database Backup for WordPress < 2.5.1 - Admin+ SQL Injection |
| CVE-2022-0279 | 2022-02-21 | AnyComment < 0.2.18 - Comment Rating Increase/Decrease via Race Condition |
| CVE-2022-0288 | 2022-02-21 | Ad Inserter < 2.7.10 - Reflected Cross-Site Scripting |
| CVE-2022-0313 | 2022-02-21 | Float Menu < 4.3.1 - Arbitrary Menu Deletion via CSRF |
| CVE-2021-45008 | 2022-02-21 | Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability... |
| CVE-2022-24553 | 2022-02-21 | An issue was found in Zfaka <= 1.4.5. The verification... |
| CVE-2022-0692 | 2022-02-21 | Open Redirect on Rudloff/alltube in rudloff/alltube |
| CVE-2021-44142 | 2022-02-21 | The Samba vfs_fruit module uses extended file attributes (EA, xattr)... |
| CVE-2021-44568 | 2022-02-21 | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec... |
| CVE-2021-27753 | 2022-02-21 | "Sametime Android PathTraversal Vulnerability" |
| CVE-2021-27755 | 2022-02-21 | "Sametime Android potential path traversal vulnerability when using File class" |
| CVE-2022-0708 | 2022-02-21 | Team Creator's Email Address is disclosed to Team Members via one of the APIs |
| CVE-2022-23983 | 2022-02-21 | WordPress WP Content Copy Protection & No Right Click plugin <= 3.4.4 - Cross-Site Request Forgery (CSRF) leads to Settings Update vulnerability |
| CVE-2022-23984 | 2022-02-21 | WordPress wpDiscuz plugin <= 7.3.11 - Sensitive Information Disclosure |
| CVE-2022-24295 | 2022-02-21 | Okta Advanced Server Access Client for Windows prior to version... |
| CVE-2022-25599 | 2022-02-21 | WordPress Spiffy Calendar plugin <= 4.9.0 - Event deletion via Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2021-27796 | 2022-02-21 | A vulnerability in Brocade Fabric OS versions before Brocade Fabric... |
| CVE-2021-26256 | 2022-02-21 | WordPress Survey Maker plugin <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2021-27797 | 2022-02-21 | Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and... |
| CVE-2022-22308 | 2022-02-21 | IBM Planning Analytics 2.0 is vulnerable to a Remote File... |
| CVE-2022-24564 | 2022-02-21 | Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While... |
| CVE-2021-25636 | 2022-02-22 | Incorrect trust validation of signature with ambiguous KeyInfo children |
| CVE-2022-0714 | 2022-02-22 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-24599 | 2022-02-22 | In autofile Audio File Library 0.3.6, there exists one memory... |
| CVE-2022-25643 | 2022-02-22 | seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with... |
| CVE-2022-23608 | 2022-02-22 | Use after free in PJSIP |
| CVE-2022-0676 | 2022-02-22 | Heap-based Buffer Overflow in radareorg/radare2 |
| CVE-2022-25636 | 2022-02-22 | net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local... |
| CVE-2022-24565 | 2022-02-22 | Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in... |
| CVE-2022-24582 | 2022-02-22 | Accounting Journal Management 1.0 is vulnerable to XSS-PHPSESSID-Hijacking. The parameter... |
| CVE-2022-24633 | 2022-02-22 | All versions of FileCloud prior to 21.3 are vulnerable to... |
| CVE-2021-4030 | 2022-02-22 | A cross-site request forgery vulnerability in the HTTP daemon of... |
| CVE-2021-4029 | 2022-02-22 | A command injection vulnerability in the CGI program of the... |
| CVE-2022-0665 | 2022-02-22 | Path Traversal in pimcore/pimcore |
| CVE-2021-46162 | 2022-02-22 | A vulnerability has been identified in Simcenter Femap (All versions... |
| CVE-2021-46699 | 2022-02-22 | A vulnerability has been identified in Simcenter Femap (All versions... |
| CVE-2022-0712 | 2022-02-22 | NULL Pointer Dereference in radareorg/radare2 |
| CVE-2022-23043 | 2022-02-22 | Zenario CMS 9.2 allows an authenticated admin user to bypass... |
| CVE-2022-0713 | 2022-02-22 | Heap-based Buffer Overflow in radareorg/radare2 |
| CVE-2022-23652 | 2022-02-22 | Privilege escalation using hop-by-hop Connection header |
| CVE-2021-44565 | 2022-02-22 | A Cross Site Scripting (XSS) vulnerability exists in RosarioSIS before... |
| CVE-2021-44566 | 2022-02-22 | A Cross Site Scripting (XSS) vulnerability exists in RosarioSIS before... |
| CVE-2022-23654 | 2022-02-22 | Improper write access check in Requarks/wiki |
| CVE-2021-44567 | 2022-02-22 | An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1... |
| CVE-2020-27467 | 2022-02-22 | A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1... |
| CVE-2021-44967 | 2022-02-22 | A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4... |
| CVE-2022-23635 | 2022-02-22 | Unauthenticated control plane denial of service attack in Istio |
| CVE-2021-43824 | 2022-02-22 | Null pointer dereference in envoy |
| CVE-2022-23606 | 2022-02-22 | Crash when a cluster is deleted in Envoy |
| CVE-2022-21656 | 2022-02-22 | X.509 subjectAltName matching bypass in Envoy |
| CVE-2022-21657 | 2022-02-22 | X.509 Extended Key Usage and Trust Purposes bypass in Envoy |