Lista CVE - 2022 / Aprile
Visualizzazione 1701 - 1800 di 2039 CVE per Aprile 2022 (Pagina 18 di 21)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-27405 | 2022-04-22 | FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation... |
| CVE-2022-27406 | 2022-04-22 | FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation... |
| CVE-2022-29582 | 2022-04-22 | In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free... |
| CVE-2022-29583 | 2022-04-22 | service_windows.go in the kardianos service package for Go omits quoting... |
| CVE-2022-26672 | 2022-04-22 | ASUS WebStorage - Use of Hard-coded Credentials |
| CVE-2022-26673 | 2022-04-22 | ASUS RT-AX88U - Stored XSS |
| CVE-2022-26674 | 2022-04-22 | ASUS RT-AX88U - Format String |
| CVE-2022-1429 | 2022-04-22 | SQL injection in GridHelperService.php in pimcore/pimcore |
| CVE-2022-28074 | 2022-04-22 | Halo-1.5.0 was discovered to contain a stored cross-site scripting (XSS)... |
| CVE-2022-1437 | 2022-04-22 | Heap-based Buffer Overflow in radareorg/radare2 |
| CVE-2021-36203 | 2022-04-22 | Johnson Controls Metasys SCT Pro |
| CVE-2021-32929 | 2022-04-22 | Uffizio GPS Tracker Cross-site Request Forgery |
| CVE-2021-32927 | 2022-04-22 | Uffizio GPS Tracker Cross-site Scripting |
| CVE-2020-14123 | 2022-04-22 | There is a pointer double free vulnerability in Some MIUI... |
| CVE-2022-29589 | 2022-04-22 | Crypt Server before 3.3.0 allows XSS in the index view.... |
| CVE-2022-1439 | 2022-04-22 | Reflected XSS on demo.microweber.org/demo/module/ in microweber/microweber |
| CVE-2021-20464 | 2022-04-22 | IBM Cognos Analytics PowerPlay (IBM Cognos Analytics 11.1.7, 11.2.0, and... |
| CVE-2021-29824 | 2022-04-22 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to... |
| CVE-2021-38886 | 2022-04-22 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to... |
| CVE-2021-38903 | 2022-04-22 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to... |
| CVE-2021-38904 | 2022-04-22 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a... |
| CVE-2021-38905 | 2022-04-22 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an... |
| CVE-2021-38946 | 2022-04-22 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to... |
| CVE-2022-1440 | 2022-04-22 | Command Injection vulnerability in [email protected] in yarkeev/git-interface |
| CVE-2022-27340 | 2022-04-22 | MCMS v5.2.7 contains a Cross-Site Request Forgery (CSRF) via /role/saveOrUpdateRole.do.... |
| CVE-2022-27341 | 2022-04-22 | JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-27342 | 2022-04-22 | Link-Admin v0.0.1 was discovered to contain a SQL injection vulnerability... |
| CVE-2021-3721 | 2022-04-22 | A denial of service vulnerability was reported in Lenovo PCManager... |
| CVE-2021-3722 | 2022-04-22 | A denial of service vulnerability was reported in Lenovo PCManager... |
| CVE-2021-3898 | 2022-04-22 | Versions of Motorola Ready For and Motorola Device Help Android... |
| CVE-2021-3970 | 2022-04-22 | A potential vulnerability in LenovoVariable SMI Handler due to insufficient... |
| CVE-2021-3971 | 2022-04-22 | A potential vulnerability by a driver used during older manufacturing... |
| CVE-2021-3972 | 2022-04-22 | A potential vulnerability by a driver used during manufacturing process... |
| CVE-2021-4210 | 2022-04-22 | A potential vulnerability in the SMI callback function used in... |
| CVE-2021-4211 | 2022-04-22 | A potential vulnerability in the SMI callback function used in... |
| CVE-2021-4212 | 2022-04-22 | A potential vulnerability in the SMI callback function used in... |
| CVE-2022-0192 | 2022-04-22 | A DLL search path vulnerability was reported in Lenovo PCManager... |
| CVE-2022-0354 | 2022-04-22 | A vulnerability was reported in Lenovo System Update that could... |
| CVE-2022-0636 | 2022-04-22 | A denial of service vulnerability was reported in Lenovo Thin... |
| CVE-2022-1107 | 2022-04-22 | During an internal product security audit a potential vulnerability due... |
| CVE-2022-1108 | 2022-04-22 | A potential vulnerability due to improper buffer validation in the... |
| CVE-2021-3849 | 2022-04-22 | An authentication bypass vulnerability was discovered in the web interface... |
| CVE-2021-3897 | 2022-04-22 | An authentication bypass vulnerability was discovered in an internal service... |
| CVE-2022-1427 | 2022-04-22 | Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby |
| CVE-2022-1444 | 2022-04-23 | heap-use-after-free in radareorg/radare2 |
| CVE-2022-1445 | 2022-04-24 | Stored Cross Site Scripting vulnerability in the checked_out_to parameter in snipe/snipe-it |
| CVE-2022-1452 | 2022-04-24 | Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in radareorg/radare2 |
| CVE-2022-1451 | 2022-04-24 | Out-of-bounds Read in r_bin_java_constant_value_attr_new function in radareorg/radare2 |
| CVE-2021-45837 | 2022-04-25 | It is possible to execute arbitrary commands as root in... |
| CVE-2021-45839 | 2022-04-25 | It is possible to obtain the first administrator's hash set... |
| CVE-2021-45841 | 2022-04-25 | In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can... |
| CVE-2022-1441 | 2022-04-25 | MP4Box is a component of GPAC-2.0.0, which is a widely-used... |
| CVE-2022-23457 | 2022-04-25 | Path Traversal in ESAPI |
| CVE-2022-24792 | 2022-04-25 | Potential infinite loop when parsing WAV format file in PJSIP |
| CVE-2022-29546 | 2022-04-25 | HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of... |
| CVE-2022-29077 | 2022-04-25 | A heap-based buffer overflow exists in rippled before 1.8.5. The... |
| CVE-2019-25059 | 2022-04-25 | Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists... |
| CVE-2022-29603 | 2022-04-25 | A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1... |
| CVE-2021-40680 | 2022-04-25 | There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000... |
| CVE-2022-29264 | 2022-04-25 | An issue was discovered in coreboot 4.13 through 4.16. On... |
| CVE-2022-1457 | 2022-04-25 | Store XSS in title parameter executing at EditUser Page & EditProducto page in neorazorx/facturascripts |
| CVE-2022-1458 | 2022-04-25 | Stored XSS Leads To Session Hijacking in openemr/openemr |
| CVE-2022-1459 | 2022-04-25 | Non-Privilege User Can View Patient’s Disclosures in openemr/openemr |
| CVE-2022-28871 | 2022-04-25 | Denial-of-Service (DoS) Vulnerability |
| CVE-2022-1461 | 2022-04-25 | Non Privilege User can Enable or Disable Registered in openemr/openemr |
| CVE-2021-45842 | 2022-04-25 | It is possible to obtain the first administrator's hash set... |
| CVE-2021-45840 | 2022-04-25 | It is possible to execute arbitrary commands as root in... |
| CVE-2021-45836 | 2022-04-25 | An authenticated attacker can execute arbitrary commands as root in... |
| CVE-2021-36460 | 2022-04-25 | VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the... |
| CVE-2022-27103 | 2022-04-25 | element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2022-28586 | 2022-04-25 | XSS in edit page of Hoosk 1.8.0 allows attacker to... |
| CVE-2022-27428 | 2022-04-25 | A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS... |
| CVE-2022-27429 | 2022-04-25 | Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery... |
| CVE-2022-28053 | 2022-04-25 | Typemill v1.5.3 was discovered to contain an arbitrary file upload... |
| CVE-2022-27135 | 2022-04-25 | xpdf 4.03 has heap buffer overflow in the function readXRefTable... |
| CVE-2022-28506 | 2022-04-25 | There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in... |
| CVE-2022-27311 | 2022-04-25 | Gibbon v3.4.4 and below allows attackers to execute a Server-Side... |
| CVE-2022-28093 | 2022-04-25 | SCBS Online Sports Venue Reservation System v1.0 was discovered to... |
| CVE-2022-28094 | 2022-04-25 | SCBS Online Sports Venue Reservation System v1.0 was discovered to... |
| CVE-2022-29078 | 2022-04-25 | The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js... |
| CVE-2022-26111 | 2022-04-25 | The BeanShell components of IRISNext through 9.8.28 allow execution of... |
| CVE-2022-26597 | 2022-04-25 | Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph... |
| CVE-2021-39040 | 2022-04-25 | IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious... |
| CVE-2022-22392 | 2022-04-25 | IBM Planning Analytics Local 2.0 could allow an attacker to... |
| CVE-2022-26596 | 2022-04-25 | Cross-site scripting (XSS) vulnerability in Journal module's web content display... |
| CVE-2022-27375 | 2022-04-25 | Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request... |
| CVE-2022-27374 | 2022-04-25 | Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request... |
| CVE-2021-24800 | 2022-04-25 | DW Question & Answer Pro <= 1.3.4 - Arbitrary Comment Edition via IDOR |
| CVE-2021-24805 | 2022-04-25 | DW Question & Answer Pro <= 1.3.4 - Multiple CSRF |
| CVE-2021-24957 | 2022-04-25 | Advanced Page Visit Counter < 6.1.6 - Subscriber+ Blind SQL injection |
| CVE-2021-25094 | 2022-04-25 | Tatsu < 3.3.12 - Unauthenticated RCE |
| CVE-2021-25111 | 2022-04-25 | English WordPress Admin < 1.5.2 - Unauthenticated Open Redirect |
| CVE-2021-46780 | 2022-04-25 | Easy Google Maps < 1.9.32 - Reflected Cross-Site Scripting |
| CVE-2021-46781 | 2022-04-25 | Coming Soon by Supsystic < 1.7.6 - Reflected Cross-Site Scripting |
| CVE-2021-46782 | 2022-04-25 | Pricing Table by Supsystic < 1.9.5 - Reflected Cross-Site Scripting |
| CVE-2021-4225 | 2022-04-25 | SP Project & Document Manager < 4.24 - Subscriber+ Shell Upload |
| CVE-2022-0287 | 2022-04-25 | Mycred < 2.4.4.1 - Subscriber+ User E-mail Addresses Disclosure |
| CVE-2022-0363 | 2022-04-25 | myCred < 2.4.4 - Subscriber+ Arbitrary Post Creation |
| CVE-2022-0398 | 2022-04-25 | ThirstyAffiliates Affiliate Link Manager < 3.10.5 - Subscriber+ Arbitrary Affiliate Links Creation |
| CVE-2022-0541 | 2022-04-25 | Flo Launch < 2.4.1 - Missing Authentication Allow Full Site Takeover |