CVE List - 2022 / January
Showing 901 - 1000 of 1988 CVEs for January 2022 (Page 10 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-39678 | 2022-01-14 | In <TBD> of <TBD>, there is a possible bypass of... |
| CVE-2021-39679 | 2022-01-14 | In init of vendor_graphicbuffer_meta.cpp, there is a possible use after... |
| CVE-2021-39680 | 2022-01-14 | In sec_SHA256_Transform of sha256_core.c, there is a possible way to... |
| CVE-2021-39681 | 2022-01-14 | In delete_protocol of main.c, there is a possible arbitrary code... |
| CVE-2021-39682 | 2022-01-14 | In mgm_alloc_page of memory_group_manager.c, there is a possible out of... |
| CVE-2021-45773 | 2022-01-14 | A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870... |
| CVE-2021-39683 | 2022-01-14 | In copy_from_mbox of sss_ice_util.c, there is a possible out of... |
| CVE-2021-39684 | 2022-01-14 | In target_init of gs101/abl/target/slider/target.c, there is a possible allocation of... |
| CVE-2021-1035 | 2022-01-14 | In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to... |
| CVE-2021-1036 | 2022-01-14 | In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due... |
| CVE-2021-1037 | 2022-01-14 | The broadcast that DevicePickerFragment sends when a new device is... |
| CVE-2022-22530 | 2022-01-14 | The F0743 Create Single Payment application of SAP S/4HANA -... |
| CVE-2021-44234 | 2022-01-14 | SAP Business One - version 10.0, extended log stores information... |
| CVE-2022-22531 | 2022-01-14 | The F0743 Create Single Payment application of SAP S/4HANA -... |
| CVE-2022-22529 | 2022-01-14 | SAP Enterprise Threat Detection (ETD) - version 2.0, does not... |
| CVE-2021-42067 | 2022-01-14 | In SAP NetWeaver AS for ABAP and ABAP Platform -... |
| CVE-2021-38126 | 2022-01-14 | Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise... |
| CVE-2021-38127 | 2022-01-14 | Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise... |
| CVE-2022-0130 | 2022-01-14 | Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a... |
| CVE-2021-28500 | 2022-01-14 | An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. |
| CVE-2022-22290 | 2022-01-14 | Incorrect download source UI in Downloads in Samsung Internet prior... |
| CVE-2021-36920 | 2022-01-14 | WordPress plugin Download Monitor <= 4.4.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2021-3965 | 2022-01-14 | Certain HP DesignJet products may be vulnerable to unauthenticated HTTP... |
| CVE-2021-44530 | 2022-01-14 | An injection vulnerability exists in a third-party library used in... |
| CVE-2021-46195 | 2022-01-14 | GCC v12.0 was discovered to contain an uncontrolled recursion via... |
| CVE-2021-45406 | 2022-01-14 | In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker... |
| CVE-2021-44828 | 2022-01-14 | Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost... |
| CVE-2021-46020 | 2022-01-14 | An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can... |
| CVE-2021-46021 | 2022-01-14 | An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils... |
| CVE-2021-46168 | 2022-01-14 | Spin v6.5.1 was discovered to contain an out-of-bounds write in... |
| CVE-2021-46169 | 2022-01-14 | Modex v2.11 was discovered to contain an Use-After-Free vulnerability via... |
| CVE-2021-23567 | 2022-01-14 | Denial of Service (DoS) |
| CVE-2021-46170 | 2022-01-14 | An issue was discovered in JerryScript commit a6ab5e9. There is... |
| CVE-2021-46171 | 2022-01-14 | Modex v2.11 was discovered to contain a NULL pointer dereference... |
| CVE-2021-23566 | 2022-01-14 | Information Exposure |
| CVE-2021-24044 | 2022-01-15 | By passing invalid javascript code where await and yield were... |
| CVE-2022-23094 | 2022-01-15 | Libreswan 4.2 through 4.5 allows remote attackers to cause a... |
| CVE-2021-33963 | 2022-01-15 | China Mobile An Lianbao WF-1 v1.0.1 router web interface through... |
| CVE-2021-44049 | 2022-01-15 | CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows... |
| CVE-2022-23095 | 2022-01-15 | Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading... |
| CVE-2022-23178 | 2022-01-15 | An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When... |
| CVE-2021-32545 | 2022-01-15 | Pexip Infinity before 26 allows remote denial of service because... |
| CVE-2021-33498 | 2022-01-15 | Pexip Infinity before 26 allows remote denial of service because... |
| CVE-2021-33499 | 2022-01-15 | Pexip Infinity before 26 allows remote denial of service because... |
| CVE-2021-35969 | 2022-01-15 | Pexip Infinity before 26 allows temporary remote Denial of Service... |
| CVE-2021-42555 | 2022-01-15 | Pexip Infinity before 26.2 allows temporary remote Denial of Service... |
| CVE-2020-28919 | 2022-01-15 | A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x... |
| CVE-2021-44537 | 2022-01-15 | ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server... |
| CVE-2021-33828 | 2022-01-15 | The files_antivirus component before 1.0.0 for ownCloud mishandles the protection... |
| CVE-2021-33827 | 2022-01-15 | The files_antivirus component before 1.0.0 for ownCloud allows OS Command... |
| CVE-2022-0235 | 2022-01-16 | Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch |
| CVE-2022-0238 | 2022-01-16 | Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite |
| CVE-2021-4170 | 2022-01-16 | Cross-site Scripting (XSS) - Stored in janeczku/calibre-web |
| CVE-2021-25025 | 2022-01-17 | Event Calendar < 1.1.51 - Subscriber+ Event Creation |
| CVE-2022-23303 | 2022-01-17 | The implementations of SAE in hostapd before 2.10 and wpa_supplicant... |
| CVE-2022-23304 | 2022-01-17 | The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant... |
| CVE-2022-0239 | 2022-01-17 | Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp |
| CVE-2022-0131 | 2022-01-17 | Jimoty App for Android versions prior to 3.7.42 uses a... |
| CVE-2022-0180 | 2022-01-17 | Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master... |
| CVE-2022-0181 | 2022-01-17 | Reflected cross-site scripting vulnerability in Quiz And Survey Master versions... |
| CVE-2022-0182 | 2022-01-17 | Stored cross-site scripting vulnerability in Quiz And Survey Master versions... |
| CVE-2022-0183 | 2022-01-17 | Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware... |
| CVE-2022-0184 | 2022-01-17 | Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and... |
| CVE-2021-4171 | 2022-01-17 | Business Logic Errors in janeczku/calibre-web |
| CVE-2021-3853 | 2022-01-17 | Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq |
| CVE-2021-3857 | 2022-01-17 | Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq |
| CVE-2021-4164 | 2022-01-17 | Cross-Site Request Forgery (CSRF) in janeczku/calibre-web |
| CVE-2021-24838 | 2022-01-17 | AnyComment < 0.3.5 - Open Redirect |
| CVE-2021-24909 | 2022-01-17 | ACF Photo Gallery Field < 1.7.5 - Reflected Cross-Site Scripting |
| CVE-2021-25005 | 2022-01-17 | SEUR Oficial < 1.7.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-25024 | 2022-01-17 | Event Calendar < 1.1.51 - Reflected Cross-Site Scripting |
| CVE-2021-25036 | 2022-01-17 | All In One SEO < 4.1.5.3 - Authenticated Privilege Escalation |
| CVE-2021-25037 | 2022-01-17 | All In One SEO < 4.1.5.3 - Authenticated SQL Injection |
| CVE-2021-25046 | 2022-01-17 | Modern Events Calendar Lite < 6.2.0 - Subscriber+ Category Add Leading to Stored XSS |
| CVE-2021-25061 | 2022-01-17 | WP Booking System – Booking Calendar < 2.0.15 - Authenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2021-25065 | 2022-01-17 | Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2021-25067 | 2022-01-17 | Landing Page Builder < 1.4.9.6 - Authenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2022-0253 | 2022-01-17 | Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat |
| CVE-2022-0240 | 2022-01-17 | NULL Pointer Dereference in mruby/mruby |
| CVE-2021-3862 | 2022-01-17 | Cross-site Scripting (XSS) - Reflected in icecoder/icecoder |
| CVE-2022-0256 | 2022-01-17 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2022-0258 | 2022-01-17 | SQL Injection in pimcore/pimcore |
| CVE-2022-0257 | 2022-01-17 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2021-33040 | 2022-01-17 | managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS. |
| CVE-2021-38965 | 2022-01-17 | IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow... |
| CVE-2022-0242 | 2022-01-17 | Unrestricted Upload of File with Dangerous Type in crater-invoice/crater |
| CVE-2021-42357 | 2022-01-17 | DOM based XSS Vulnerability in Apache Knox |
| CVE-2022-22703 | 2022-01-17 | In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before... |
| CVE-2022-0261 | 2022-01-18 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-0245 | 2022-01-18 | Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat |
| CVE-2021-44757 | 2022-01-18 | Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP... |
| CVE-2021-45394 | 2022-01-18 | An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers... |
| CVE-2021-33964 | 2022-01-18 | China Mobile An Lianbao WF-1 V1.0.1 router provides a web... |
| CVE-2021-33965 | 2022-01-18 | China Mobile An Lianbao WF-1 V1.0.1 router provides a web... |
| CVE-2021-38783 | 2022-01-18 | There is a Out-of-Bound Write in the Allwinner R818 SoC... |
| CVE-2021-38784 | 2022-01-18 | There is a NULL pointer dereference in the syscall open_exec... |
| CVE-2021-38785 | 2022-01-18 | There is a NULL pointer deference in the Allwinner R818... |
| CVE-2021-38694 | 2022-01-18 | SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. |
| CVE-2021-38695 | 2022-01-18 | SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site... |
| CVE-2021-22566 | 2022-01-18 | Incorrect mapping of Executable bits in Fuchsia Kernel |