Lista CVE - 2022 / Giugno
Visualizzazione 1901 - 2000 di 2149 CVE per Giugno 2022 (Pagina 20 di 22)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-31034 | 2022-06-27 | Insecure entropy in argo-cd |
| CVE-2022-31035 | 2022-06-27 | External URLs for Deployments can include javascript in argo-cd |
| CVE-2022-31036 | 2022-06-27 | Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server |
| CVE-2022-31039 | 2022-06-27 | Improper privilege management - Anyone can view room settings in GreenLight |
| CVE-2022-31057 | 2022-06-27 | Authenticated Stored XSS in Shopware Administration |
| CVE-2022-31065 | 2022-06-27 | Cross site scripting vulnerability for private chat in bigbluebutton |
| CVE-2022-31064 | 2022-06-27 | Cross site scripting in username that will trigger by sending chat |
| CVE-2022-31076 | 2022-06-27 | Malicious Message can crash CloudCore in KubeEdge |
| CVE-2022-31077 | 2022-06-27 | Malicious response from KubeEdge can crash CSI Driver controller server |
| CVE-2021-40942 | 2022-06-27 | In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the... |
| CVE-2022-31082 | 2022-06-27 | SQL Injection via package deployment tasks in glpi-inventory-plugin |
| CVE-2022-33116 | 2022-06-27 | An issue in the jmpath variable in /modules/mindmap/index.php of GUnet... |
| CVE-2022-31088 | 2022-06-27 | Unauthenticated LDAP Injection in ldap-account-manager |
| CVE-2022-31087 | 2022-06-27 | Incorrect Default Permissions in ldap-account-manager |
| CVE-2022-31086 | 2022-06-27 | Incorrect Regular Expressions in ldap-account-manager |
| CVE-2022-31084 | 2022-06-27 | Unauthenticated Remote Code Execution in ldap-account-manager |
| CVE-2022-31085 | 2022-06-27 | Missing Encryption of Sensitive Data in ldap-account-manager |
| CVE-2022-33005 | 2022-06-27 | A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings... |
| CVE-2022-31094 | 2022-06-27 | Cross site scripting vulnerability in ScratchTools |
| CVE-2022-31089 | 2022-06-27 | Invalid file request can crashe parse-server |
| CVE-2022-31092 | 2022-06-27 | SQL injection in pimcore |
| CVE-2022-31093 | 2022-06-27 | Improper Handling of `callbackUrl` parameter in next-auth |
| CVE-2022-31096 | 2022-06-27 | Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse |
| CVE-2022-32092 | 2022-06-27 | D-Link DIR-645 v1.03 was discovered to contain a command injection... |
| CVE-2022-33007 | 2022-06-27 | TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered... |
| CVE-2022-33879 | 2022-06-27 | Incomplete fix and new regex DoS in StandardsExtractingContentHandler |
| CVE-2017-20103 | 2022-06-27 | Kama Click Counter Plugin admin.php Blind sql injection |
| CVE-2022-31098 | 2022-06-27 | Weave GitOps leaked cluster credentials into logs on connection errors |
| CVE-2022-31100 | 2022-06-27 | Reachable Assertion in rulex |
| CVE-2022-31099 | 2022-06-27 | Uncontrolled Recursion in rulex |
| CVE-2022-31101 | 2022-06-27 | SQL Injection in prestashop/blockwishlist |
| CVE-2022-32994 | 2022-06-27 | Halo CMS v1.5.3 was discovered to contain an arbitrary file... |
| CVE-2022-32995 | 2022-06-27 | Halo CMS v1.5.3 was discovered to contain a Server-Side Request... |
| CVE-2022-31103 | 2022-06-27 | Improper handling of CSS at-rules in lettersanitizer |
| CVE-2022-33009 | 2022-06-27 | A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows... |
| CVE-2022-34133 | 2022-06-27 | Benjamin BALET Jorani v1.0 was discovered to contain a cross-site... |
| CVE-2022-34134 | 2022-06-27 | Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site... |
| CVE-2022-34132 | 2022-06-27 | Benjamin BALET Jorani v1.0 was discovered to contain a SQL... |
| CVE-2022-31104 | 2022-06-27 | Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime |
| CVE-2021-40606 | 2022-06-28 | The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause... |
| CVE-2021-40608 | 2022-06-28 | The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause... |
| CVE-2021-40609 | 2022-06-28 | The GetHintFormat function in GPAC 1.0.1 allows attackers to cause... |
| CVE-2021-40944 | 2022-06-28 | In GPAC MP4Box 1.1.0, there is a Null pointer reference... |
| CVE-2022-2231 | 2022-06-28 | NULL Pointer Dereference in vim/vim |
| CVE-2022-31056 | 2022-06-28 | SQL injection with _actor parameter in GLPI |
| CVE-2017-20104 | 2022-06-28 | Simplessus Cookie Time sql injection |
| CVE-2017-20105 | 2022-06-28 | Simplessus path traversal |
| CVE-2017-20106 | 2022-06-28 | Lithium Forum Compose Message server-side request forgery |
| CVE-2017-20107 | 2022-06-28 | ShadeYouVPN.com Client privileges management |
| CVE-2022-0624 | 2022-06-28 | Authorization Bypass Through User-Controlled Key in ionicabizau/parse-path |
| CVE-2021-41689 | 2022-06-28 | DCMTK through 3.6.6 does not handle string copy properly. Sending... |
| CVE-2021-41690 | 2022-06-28 | DCMTK through 3.6.6 does not handle memory free properly. The... |
| CVE-2021-41688 | 2022-06-28 | DCMTK through 3.6.6 does not handle memory free properly. The... |
| CVE-2021-41687 | 2022-06-28 | DCMTK through 3.6.6 does not handle memory free properly. The... |
| CVE-2021-40943 | 2022-06-28 | In Bento4 1.6.0-638, there is a null pointer reference in... |
| CVE-2022-29519 | 2022-06-28 | Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN... |
| CVE-2022-30707 | 2022-06-28 | Violation of secure design principles exists in the communication of... |
| CVE-2022-30997 | 2022-06-28 | Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller... |
| CVE-2021-40607 | 2022-06-28 | The schm_box_size function in GPAC 1.0.1 allows attackers to cause... |
| CVE-2022-23896 | 2022-06-28 | Admidio 4.1.2 version is affected by stored cross-site scripting (XSS). |
| CVE-2022-34750 | 2022-06-28 | An issue was discovered in MediaWiki through 1.38.1. The lemma... |
| CVE-2021-41460 | 2022-06-28 | ECShop 4.1.0 has SQL injection vulnerability, which can be exploited... |
| CVE-2022-30560 | 2022-06-28 | When an attacker obtaining the administrative account and password, or... |
| CVE-2022-30561 | 2022-06-28 | When an attacker uses a man-in-the-middle attack to sniff the... |
| CVE-2022-30562 | 2022-06-28 | If the user enables the https function on the device,... |
| CVE-2022-30563 | 2022-06-28 | When an attacker uses a man-in-the-middle attack to sniff the... |
| CVE-2022-23763 | 2022-06-28 | DOUZONE BIZON NeoRS file download and execute vulnerability |
| CVE-2022-0085 | 2022-06-28 | Server-Side Request Forgery (SSRF) in dompdf/dompdf |
| CVE-2022-0987 | 2022-06-28 | A flaw was found in PackageKit in the way some... |
| CVE-2021-40553 | 2022-06-28 | piwigo 11.5.0 is affected by a remote code execution (RCE)... |
| CVE-2021-3779 | 2022-06-28 | Ruby-MySQL Gem Client File Read |
| CVE-2022-33108 | 2022-06-28 | XPDF v4.04 was discovered to contain a stack overflow vulnerability... |
| CVE-2022-31052 | 2022-06-28 | URL previews can crash Synapse media repositories or Synapse monoliths |
| CVE-2022-31106 | 2022-06-28 | Prototype Pollution in underscore.deep |
| CVE-2022-2145 | 2022-06-28 | Cloudlfare WARP Arbitrary File Overwrite |
| CVE-2022-28621 | 2022-06-28 | A remote disclosure of sensitive information vulnerability was discovered in... |
| CVE-2022-31068 | 2022-06-28 | Sensitive Data Exposure on Refused Inventory Files in GLPI |
| CVE-2022-31061 | 2022-06-28 | SQL injection on login page in GLPI |
| CVE-2022-31108 | 2022-06-28 | Arbitrary `CSS` injection into the generated graph affecting the container HTML in mermaid.js |
| CVE-2022-31229 | 2022-06-28 | Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message... |
| CVE-2022-31230 | 2022-06-28 | Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic... |
| CVE-2021-3430 | 2022-06-28 | BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ |
| CVE-2021-3431 | 2022-06-28 | BT: Assertion failure on repeated LL_FEATURE_REQ |
| CVE-2021-3432 | 2022-06-28 | BT: Invalid interval in CONNECT_IND leads to Division by Zero |
| CVE-2021-3433 | 2022-06-28 | BT: Invalid channel map in CONNECT_IND results to Deadlock |
| CVE-2021-3434 | 2022-06-28 | L2CAP: Stack based buffer overflow in le_ecred_conn_req() |
| CVE-2021-3435 | 2022-06-28 | L2CAP: Information leakage in le_ecred_conn_req() |
| CVE-2022-31885 | 2022-06-28 | Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due... |
| CVE-2022-31886 | 2022-06-28 | Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery... |
| CVE-2022-31883 | 2022-06-28 | Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference... |
| CVE-2022-31884 | 2022-06-28 | Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which... |
| CVE-2022-31887 | 2022-06-28 | Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which... |
| CVE-2020-19896 | 2022-06-28 | File inclusion vulnerability in Minicms v1.9 allows remote attackers to... |
| CVE-2020-19897 | 2022-06-28 | A reflected Cross Site Scripting (XSS) in wuzhicms v4.1.0 allows... |
| CVE-2021-41559 | 2022-06-28 | Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that... |
| CVE-2022-24444 | 2022-06-28 | Silverstripe silverstripe/framework through 4.10 allows Session Fixation. |
| CVE-2022-29858 | 2022-06-28 | Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control... |
| CVE-2022-25238 | 2022-06-28 | Silverstripe silverstripe/framework through 4.10.0 allows XSS, inside of script tags... |
| CVE-2022-32532 | 2022-06-28 | Authentication Bypass Vulnerability |
| CVE-2022-33639 | 2022-06-29 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |