Lista CVE - 2022 / Luglio
Visualizzazione 1201 - 1300 di 1977 CVE per Luglio 2022 (Pagina 13 di 20)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-21537 | 2022-07-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... |
| CVE-2022-21538 | 2022-07-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker... |
| CVE-2022-21539 | 2022-07-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network... |
| CVE-2022-21542 | 2022-07-19 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged... |
| CVE-2022-21543 | 2022-07-19 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mgmt). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2022-21544 | 2022-07-19 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows... |
| CVE-2022-21545 | 2022-07-19 | Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Candidate Self Service Registration). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network... |
| CVE-2022-21547 | 2022-07-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2022-21548 | 2022-07-19 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2022-21550 | 2022-07-19 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29... |
| CVE-2022-21551 | 2022-07-19 | Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: prior to 21.7.0.0.0; 19c: prior to 19.1.0.0.220719. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2022-21552 | 2022-07-19 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Search). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network... |
| CVE-2022-21553 | 2022-07-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2022-21554 | 2022-07-19 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2022-21555 | 2022-07-19 | Vulnerability in the MySQL Shell for VS Code product of Oracle MySQL (component: Shell: GUI). Supported versions that are affected are 1.1.8 and prior. Easily exploitable vulnerability allows high privileged... |
| CVE-2022-21556 | 2022-07-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2022-21557 | 2022-07-19 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high... |
| CVE-2022-21558 | 2022-07-19 | Vulnerability in the Oracle Crystal Ball product of Oracle Construction and Engineering (component: Installation). Supported versions that are affected are 11.1.2.0.000-11.1.2.4.900. Difficult to exploit vulnerability allows low privileged attacker with... |
| CVE-2022-21559 | 2022-07-19 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged... |
| CVE-2022-21560 | 2022-07-19 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2022-21561 | 2022-07-19 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged... |
| CVE-2022-21562 | 2022-07-19 | Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Fabric Layer). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2022-21563 | 2022-07-19 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2022-21564 | 2022-07-19 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2022-21565 | 2022-07-19 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure... |
| CVE-2022-21566 | 2022-07-19 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2022-21567 | 2022-07-19 | Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP... |
| CVE-2022-21568 | 2022-07-19 | Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite (component: Access Request). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access... |
| CVE-2022-21569 | 2022-07-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2022-21570 | 2022-07-19 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2022-21571 | 2022-07-19 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2022-21572 | 2022-07-19 | Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged... |
| CVE-2022-21573 | 2022-07-19 | Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged... |
| CVE-2022-21574 | 2022-07-19 | Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2022-21575 | 2022-07-19 | Vulnerability in the Oracle WebCenter Sites Support Tools product of Oracle Fusion Middleware (component: User Interface). The supported version that is affected is Prior to 4.4.2. Easily exploitable vulnerability allows... |
| CVE-2022-21576 | 2022-07-19 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability... |
| CVE-2022-21577 | 2022-07-19 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows... |
| CVE-2022-21578 | 2022-07-19 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows... |
| CVE-2022-21579 | 2022-07-19 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows... |
| CVE-2022-21580 | 2022-07-19 | Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 2.9.0.0.0, 2.9.0.1.0, 3.0.0.0.0-3.2.0.0.0 and 4.0.0.0.0. Difficult... |
| CVE-2022-21581 | 2022-07-19 | Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged... |
| CVE-2022-21582 | 2022-07-19 | Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged... |
| CVE-2022-21583 | 2022-07-19 | Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged... |
| CVE-2022-21584 | 2022-07-19 | Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged... |
| CVE-2022-21585 | 2022-07-19 | Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged... |
| CVE-2022-21586 | 2022-07-19 | Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged... |
| CVE-2021-46828 | 2022-07-20 | In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an... |
| CVE-2022-31160 | 2022-07-20 | jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label |
| CVE-2022-32456 | 2022-07-20 | Data Systems Consulting Co., Ltd. BPM - SQL Injection |
| CVE-2022-32457 | 2022-07-20 | Data Systems Consulting Co., Ltd. BPM - Blind Server-Side Request Forgery (SSRF) |
| CVE-2022-32458 | 2022-07-20 | Data Systems Consulting Co., Ltd. BPM - XML External Entity (XXE) Injection |
| CVE-2022-32958 | 2022-07-20 | TEAMPLUS TECHNOLOGY INC. Teamplus Pro - Allocation of Resources Without Limits or Throttling |
| CVE-2022-32959 | 2022-07-20 | HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow |
| CVE-2022-32960 | 2022-07-20 | HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow |
| CVE-2022-32961 | 2022-07-20 | HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow |
| CVE-2022-32962 | 2022-07-20 | HiCOS’ client-side citizen digital certificate - Double Free |
| CVE-2022-33967 | 2022-07-20 | squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs... |
| CVE-2022-34866 | 2022-07-20 | Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS... |
| CVE-2022-31250 | 2022-07-20 | keylime %post scriplet allows for privilege escalation from keylime user to root |
| CVE-2022-2486 | 2022-07-20 | WAVLINK WN535K2/WN535K3 os command injection |
| CVE-2022-2487 | 2022-07-20 | WAVLINK WN535K2/WN535K3 nightled.cgi os command injection |
| CVE-2022-2488 | 2022-07-20 | WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injection |
| CVE-2022-2489 | 2022-07-20 | SourceCodester Simple E-Learning System classRoom.php sql injection |
| CVE-2022-2490 | 2022-07-20 | SourceCodester Simple E-Learning System search.php sql injection |
| CVE-2022-2491 | 2022-07-20 | SourceCodester Library Management System lab.php sql injection |
| CVE-2022-2492 | 2022-07-20 | SourceCodester Library Management System index.php sql injection |
| CVE-2022-36321 | 2022-07-20 | In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases |
| CVE-2022-36322 | 2022-07-20 | In JetBrains TeamCity before 2022.04.2 build parameter injection was possible |
| CVE-2022-24657 | 2022-07-20 | Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol (port 22). |
| CVE-2022-24659 | 2022-07-20 | Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device. |
| CVE-2022-24660 | 2022-07-20 | The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed publicly on the web interface, allowing attackers to access passwords and other sensitive information in... |
| CVE-2021-31858 | 2022-07-20 | DotNetNuke (DNN) 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted... |
| CVE-2022-34599 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. |
| CVE-2022-34600 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. |
| CVE-2022-34601 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. |
| CVE-2022-34602 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. |
| CVE-2022-34603 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. |
| CVE-2022-34604 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp. |
| CVE-2022-34605 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp. |
| CVE-2022-34606 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp. |
| CVE-2022-34607 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp. |
| CVE-2022-34608 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget. |
| CVE-2022-34609 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp. |
| CVE-2022-34610 | 2022-07-20 | H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app. |
| CVE-2022-22202 | 2022-07-20 | Junos OS: PTX Series: FPCs may restart unexpectedly upon receipt of specific MPLS packets with certain multi-unit interface configurations |
| CVE-2022-22203 | 2022-07-20 | Junos OS: EX4600 Series and QFX5000 Series: Receipt of specific traffic will lead to an fxpc process crash followed by an FPC reboot |
| CVE-2022-22204 | 2022-07-20 | Junos OS: MX Series and SRX Series: When receiving a specific SIP packets stale call table entries are created which eventually leads to a DoS for all SIP traffic |
| CVE-2022-22205 | 2022-07-20 | Junos OS: SRX Series: An FPC memory leak can occur in an APBR scenario |
| CVE-2022-22206 | 2022-07-20 | Junos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search |
| CVE-2022-22207 | 2022-07-20 | Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash |
| CVE-2022-22209 | 2022-07-20 | Junos OS: RIB and PFEs can get out of sync due to a memory leak caused by interface flaps or route churn |
| CVE-2022-22210 | 2022-07-20 | Junos OS: QFX5000 Series and MX Series: An l2alm crash leading to an FPC crash can be observed in VxLAN scenario |
| CVE-2022-22212 | 2022-07-20 | Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostbound traffic delays or drops |
| CVE-2022-22213 | 2022-07-20 | Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update |
| CVE-2022-22214 | 2022-07-20 | Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash |
| CVE-2022-22215 | 2022-07-20 | Junos OS and Junos OS Evolved: /var/run/<pid>.env files are potentially not deleted during termination of a gRPC connection causing inode exhaustion |
| CVE-2022-22216 | 2022-07-20 | Junos OS: PTX Series and QFX10000 Series: 'Etherleak' memory disclosure in Ethernet padding data |
| CVE-2022-22217 | 2022-07-20 | Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of crafted MLD packets on multi-homing ESI in VXLAN |
| CVE-2022-22221 | 2022-07-20 | Junos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality |
| CVE-2022-34150 | 2022-07-20 | ICSA-22-200-01 MiCODUS MV720 GPS tracker Authorization Bypass Through User-Controlled Key |