Lista CVE - 2022 / Maggio
Visualizzazione 1701 - 1800 di 2161 CVE per Maggio 2022 (Pagina 18 di 22)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-29223 | 2022-05-24 | Buffer overflow on HUB descriptor in Azure RTOS USBX |
| CVE-2021-45915 | 2022-05-24 | In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker... |
| CVE-2021-45914 | 2022-05-24 | In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker... |
| CVE-2022-22306 | 2022-05-24 | An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through... |
| CVE-2021-44975 | 2022-05-24 | radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c... |
| CVE-2022-29237 | 2022-05-24 | Limited Authentication Bypass for Media Files in Opencast |
| CVE-2022-31261 | 2022-05-24 | An XXE issue was discovered in Morpheus through 5.2.16 and... |
| CVE-2022-29242 | 2022-05-24 | Buffer Overflow on creating key transport blob in GOST Engine |
| CVE-2022-29246 | 2022-05-24 | Potential buffer overflow in function DFU upload in Azure RTOS USBX |
| CVE-2022-29249 | 2022-05-24 | Reversible One-Way Hash and Use of a Broken or Risky Cryptographic Algorithm in io.github.javaezlib.JavaEZ |
| CVE-2013-10002 | 2022-05-24 | Telecommunication Software SAMwin Contact Center Suite Credential SAMwinLIBVB.dll getCurrentDBVersion hard-coded credentials |
| CVE-2013-10003 | 2022-05-24 | Telecommunication Software SAMwin Contact Center Suite Database SAMwinLIBVB.dll getCurrentDBVersion sql injection |
| CVE-2013-10004 | 2022-05-24 | Telecommunication Software SAMwin Contact Center Suite Password SAMwinLIBVB.dll passwordScramble improper authentication |
| CVE-2014-125001 | 2022-05-24 | Cardo Systems Scala Rider Q3 Cardo-Updater api privileges management |
| CVE-2021-4229 | 2022-05-24 | ua-parser-js Crypto Mining backdoor |
| CVE-2021-4230 | 2022-05-24 | Airfield Online MySQL Backup improper authentication |
| CVE-2020-4926 | 2022-05-24 | A vulnerability in the Spectrum Scale 5.1 core component and... |
| CVE-2022-22309 | 2022-05-24 | The POWER systems FSP is vulnerable to unauthenticated logins through... |
| CVE-2022-22495 | 2022-05-24 | IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL... |
| CVE-2022-1669 | 2022-05-24 | Circutor COMPACT DC-S BASIC |
| CVE-2021-32964 | 2022-05-24 | Claroty Secure Remote Access Site - Authentication Bypass Using an Alternate Path or Channel |
| CVE-2021-32962 | 2022-05-24 | Claroty Secure Remote Access Site - Authentication Bypass Using an Alternate Path or Channel |
| CVE-2021-32965 | 2022-05-24 | Delta Electronics DIAScreen - Type Confusion, Out-of-bounds Write |
| CVE-2021-32969 | 2022-05-24 | Delta Electronics DIAScreen - Type Confusion, Out-of-bounds Write |
| CVE-2022-23050 | 2022-05-24 | ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to... |
| CVE-2021-42612 | 2022-05-24 | A use after free in cleanup_index in index.c in Halibut... |
| CVE-2022-22977 | 2022-05-24 | VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML... |
| CVE-2021-42613 | 2022-05-24 | A double free in cleanup_index in index.c in Halibut 1.2... |
| CVE-2021-3717 | 2022-05-24 | A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge... |
| CVE-2021-3629 | 2022-05-24 | A flaw was found in Undertow. A potential security issue... |
| CVE-2021-3597 | 2022-05-24 | A flaw was found in undertow. The HTTP2SourceChannel fails to... |
| CVE-2021-42614 | 2022-05-24 | A use after free in info_width_internal in bk_info.c in Halibut... |
| CVE-2022-29333 | 2022-05-24 | A vulnerability in CyberLink Power Director v14 allows attackers to... |
| CVE-2022-29334 | 2022-05-24 | An issue in H v1.0 allows attackers to bypass authentication... |
| CVE-2022-29337 | 2022-05-24 | C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection... |
| CVE-2022-22497 | 2022-05-24 | IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access... |
| CVE-2022-29349 | 2022-05-24 | kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-29358 | 2022-05-24 | epub2txt2 v2.04 was discovered to contain an integer overflow via... |
| CVE-2022-29359 | 2022-05-24 | A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/application_form&id=7 of School... |
| CVE-2022-29361 | 2022-05-24 | Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and... |
| CVE-2022-29710 | 2022-05-24 | A cross-site scripting (XSS) vulnerability in uploadConfirm.php of LimeSurvey v5.3.9... |
| CVE-2022-1851 | 2022-05-25 | Out-of-bounds Read in vim/vim |
| CVE-2022-31621 | 2022-05-25 | MariaDB Server before 10.7 is vulnerable to Denial of Service.... |
| CVE-2022-31622 | 2022-05-25 | MariaDB Server before 10.7 is vulnerable to Denial of Service.... |
| CVE-2022-31623 | 2022-05-25 | MariaDB Server before 10.7 is vulnerable to Denial of Service.... |
| CVE-2022-31650 | 2022-05-25 | In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite... |
| CVE-2022-31651 | 2022-05-25 | In SoX 14.4.2, there is an assertion failure in rate_init... |
| CVE-2022-29248 | 2022-05-25 | Cross-domain cookie leakage in Guzzle |
| CVE-2022-29362 | 2022-05-25 | A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2... |
| CVE-2022-29405 | 2022-05-25 | Apache Archiva Arbitrary user password reset vulnerability |
| CVE-2022-1815 | 2022-05-25 | Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio |
| CVE-2022-21951 | 2022-05-25 | Rancher: Weave CNI password is not set if RKE template is used with CNI value overridden |
| CVE-2022-1883 | 2022-05-25 | SQL Injection in camptocamp/terraboard |
| CVE-2022-28862 | 2022-05-25 | In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities... |
| CVE-2022-30323 | 2022-05-25 | go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected... |
| CVE-2022-30322 | 2022-05-25 | go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion... |
| CVE-2022-30321 | 2022-05-25 | go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access... |
| CVE-2022-26945 | 2022-05-25 | go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless... |
| CVE-2022-30595 | 2022-05-25 | libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in... |
| CVE-2021-44974 | 2022-05-25 | radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference... |
| CVE-2022-29650 | 2022-05-25 | Online Food Ordering System v1.0 was discovered to contain a... |
| CVE-2022-29651 | 2022-05-25 | An arbitrary file upload vulnerability in the Select Image function... |
| CVE-2022-29379 | 2022-05-25 | Nginx NJS v0.7.3 was discovered to contain a stack overflow... |
| CVE-2022-29380 | 2022-05-25 | Academy-LMS v4.3 was discovered to contain a stored cross-site scripting... |
| CVE-2021-32966 | 2022-05-25 | Philips Interoperability Solution XDS - Clear Text Transmission of Sensitive Information |
| CVE-2021-32989 | 2022-05-25 | LCDS LAquis SCADA - Cross-site Scripting |
| CVE-2021-32997 | 2022-05-25 | Baker Hughes Bently Nevada 3500 - Use of Password Hash with Insufficient Computational Effort |
| CVE-2021-35487 | 2022-05-25 | Nokia Broadcast Message Center through 11.1.0 allows an authenticated user... |
| CVE-2022-22127 | 2022-05-25 | Tableau is aware of a broken access control vulnerability present... |
| CVE-2022-1678 | 2022-05-25 | An issue was discovered in the Linux Kernel from 4.18... |
| CVE-2022-28875 | 2022-05-25 | Denial-of-Service (DoS) Vulnerability |
| CVE-2022-1348 | 2022-05-25 | A vulnerability was found in logrotate in how the state... |
| CVE-2021-27779 | 2022-05-25 | A Security Misconfiguration vulnerability affects HCL VersionVault Express |
| CVE-2021-27783 | 2022-05-25 | HCL BigFix Mobile / Modern Client Management is vulnerable to sensitive information exposure |
| CVE-2022-30428 | 2022-05-25 | In ginadmin through 05-10-2022, the incoming path value is not... |
| CVE-2022-30427 | 2022-05-25 | In ginadmin through 05-10-2022 the incoming path value is not... |
| CVE-2021-44719 | 2022-05-25 | Docker Desktop 4.3.0 has Incorrect Access Control. |
| CVE-2022-27305 | 2022-05-25 | Gibbon v23 does not generate a new session ID cookie... |
| CVE-2022-23775 | 2022-05-25 | TrueStack Direct Connect 1.4.7 has Incorrect Access Control. |
| CVE-2022-29408 | 2022-05-25 | WordPress Advanced Contact form 7 DB plugin <= 1.8.7 - Unauthenticated Persistent Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29402 | 2022-05-25 | TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections... |
| CVE-2022-31620 | 2022-05-25 | In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion... |
| CVE-2022-26026 | 2022-05-25 | A denial of service vulnerability exists in the OAS Engine... |
| CVE-2022-26043 | 2022-05-25 | An external config control vulnerability exists in the OAS Engine... |
| CVE-2022-26067 | 2022-05-25 | An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles... |
| CVE-2022-26077 | 2022-05-25 | A cleartext transmission of sensitive information vulnerability exists in the... |
| CVE-2022-26082 | 2022-05-25 | A file write vulnerability exists in the OAS Engine SecureTransferFiles... |
| CVE-2022-26303 | 2022-05-25 | An external config control vulnerability exists in the OAS Engine... |
| CVE-2022-26833 | 2022-05-25 | An improper authentication vulnerability exists in the REST API functionality... |
| CVE-2022-27169 | 2022-05-25 | An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile... |
| CVE-2022-31624 | 2022-05-25 | MariaDB Server before 10.7 is vulnerable to Denial of Service.... |
| CVE-2022-29253 | 2022-05-25 | Path Traversal in XWiki Platform |
| CVE-2022-29252 | 2022-05-25 | Cross-site Scripting in XWiki Platform Wiki UI Main Wiki |
| CVE-2022-29251 | 2022-05-25 | Cross-site Scripting in the Flamingo theme manager |
| CVE-2022-29256 | 2022-05-25 | Possible vulnerability at 'npm install' time in sharp if an attacker has control over build environment |
| CVE-2022-30999 | 2022-05-25 | Possible cross-site scripting attack via unsanitized SVG files in FoF Upload |
| CVE-2022-31004 | 2022-05-25 | Potential secrets being logged to disk in CVE Services |
| CVE-2022-1882 | 2022-05-26 | A use-after-free flaw was found in the Linux kernel’s pipes... |
| CVE-2022-1886 | 2022-05-26 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-21831 | 2022-05-26 | A code injection vulnerability exists in the Active Storage >=... |