CVE List - 2022 / January

Showing 1401 - 1500 of 1988 CVEs for January 2022 (Page 15 of 20)

Back to List Previous Next

CVE ID	Date	Title
CVE-2022-0323	2022-01-21	Improper Neutralization of Special Elements Used in a Template Engine in bobthecow/mustache.php
CVE-2021-44593	2022-01-21	Simple College Website 1.0 is vulnerable to unauthenticated file upload...
CVE-2021-4032	2022-01-21	A vulnerability was found in the Linux kernel's KVM subsystem...
CVE-2022-23130	2022-01-21	Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A...
CVE-2022-23728	2022-01-21	Attacker can reset the device with AT Command in the...
CVE-2022-23129	2022-01-21	Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC...
CVE-2022-23127	2022-01-21	Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E...
CVE-2022-23128	2022-01-21	Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC...
CVE-2021-40694	2022-01-21	Insufficient escaping of the LaTeX preamble made it possible for...
CVE-2021-23236	2022-01-21	Fresenius Kabi Agilia Connect Infusion System uncontrolled resource consumption
CVE-2021-23196	2022-01-21	Fresenius Kabi Agilia Connect Infusion System insufficiently protected credentials
CVE-2021-23233	2022-01-21	Fresenius Kabi Agilia Connect Infusion System
CVE-2021-33846	2022-01-21	Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm
CVE-2021-23195	2022-01-21	Fresenius Kabi Agilia Connect Infusion System exposure of information through directory listing
CVE-2021-23207	2022-01-21	Fresenius Kabi Agilia Connect Infusion System plaintext storage of a password
CVE-2021-31562	2022-01-21	Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm
CVE-2021-33843	2022-01-21	Fresenius Kabi Agilia Connect Infusion System files or directories accessible to external parties
CVE-2021-44464	2022-01-21	Fresenius Kabi Agilia Connect Infusion System hard coded credentials
CVE-2021-33848	2022-01-21	Fresenius Kabi Agilia Connect Infusion System cross site scripting
CVE-2021-41835	2022-01-21	Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm
CVE-2021-43355	2022-01-21	Fresenius Kabi Agilia Connect Infusion System use of client side authentication
CVE-2021-40692	2022-01-21	Insufficient capability checks made it possible for teachers to download...
CVE-2021-40693	2022-01-21	An authentication bypass risk was identified in the external database...
CVE-2021-40695	2022-01-21	It was possible for a student to view their quiz...
CVE-2021-40691	2022-01-21	A session hijack risk was identified in the Shibboleth authentication...
CVE-2021-33966	2022-01-21	Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated...
CVE-2021-40247	2022-01-21	SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System...
CVE-2021-40595	2022-01-21	SQL injection vulnerability in Sourcecodester Online Leave Management System v1...
CVE-2021-23664	2022-01-21	Server-side Request Forgery (SSRF)
CVE-2021-23460	2022-01-21	Prototype Pollution
CVE-2021-23631	2022-01-21	Directory Traversal
CVE-2021-23518	2022-01-21	Prototype Pollution
CVE-2021-36338	2022-01-21	Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege...
CVE-2021-36339	2022-01-21	The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user...
CVE-2022-22551	2022-01-21	DELL EMC AppSync versions 3.9 to 4.3 use GET request...
CVE-2022-22552	2022-01-21	Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking...
CVE-2022-22553	2022-01-21	Dell EMC AppSync versions 3.9 to 4.3 contain an Improper...
CVE-2021-46234	2022-01-21	A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via...
CVE-2021-46236	2022-01-21	A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via...
CVE-2021-46237	2022-01-21	An untrusted pointer dereference vulnerability exists in GPAC v1.1.0 via...
CVE-2021-46238	2022-01-21	GPAC v1.1.0 was discovered to contain a stack overflow via...
CVE-2021-46239	2022-01-21	The binary MP4Box in GPAC v1.1.0 was discovered to contain...
CVE-2021-46240	2022-01-21	A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via...
CVE-2021-46242	2022-01-21	HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via...
CVE-2021-46243	2022-01-21	An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via...
CVE-2021-46244	2022-01-21	A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis...
CVE-2021-46311	2022-01-21	A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via...
CVE-2021-46313	2022-01-21	The binary MP4Box in GPAC v1.0.1 was discovered to contain...
CVE-2021-39480	2022-01-21	Bingrep v0.8.5 was discovered to contain a memory allocation failure...
CVE-2022-23363	2022-01-21	Online Banking System v1.0 was discovered to contain a SQL...
CVE-2022-23364	2022-01-21	HMS v1.0 was discovered to contain a SQL injection vulnerability...
CVE-2022-23365	2022-01-21	HMS v1.0 was discovered to contain a SQL injection vulnerability...
CVE-2022-23366	2022-01-21	HMS v1.0 was discovered to contain a SQL injection vulnerability...
CVE-2022-21707	2022-01-21	Incorrect Authorization in wasmCloud
CVE-2022-21708	2022-01-21	Denial of Service in graphql-go
CVE-2022-23807	2022-01-22	An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and...
CVE-2022-23808	2022-01-22	An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An...
CVE-2021-4172	2022-01-22	Cross-site Scripting (XSS) - Stored in star7th/showdoc
CVE-2021-4103	2022-01-23	Cross-site Scripting (XSS) - Stored in vanessa219/vditor
CVE-2022-23850	2022-01-23	xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows...
CVE-2021-45380	2022-01-23	AppCMS 2.0.101 has a XSS injection vulnerability in \templates\m\inc_head.php
CVE-2021-46024	2022-01-23	Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via...
CVE-2021-39293	2022-01-24	In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1,...
CVE-2022-23437	2022-01-24	Infinite loop within Apache XercesJ xml parser
CVE-2021-26706	2022-01-24	An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB...
CVE-2021-30636	2022-01-24	In MediaTek LinkIt SDK before 4.6.1, there is a possible...
CVE-2022-23852	2022-01-24	Expat (aka libexpat) before 2.4.4 has a signed integer overflow...
CVE-2022-23856	2022-01-24	An issue was discovered in Saviynt Enterprise Identity Cloud (EIC)...
CVE-2022-23855	2022-01-24	An issue was discovered in Saviynt Enterprise Identity Cloud (EIC)...
CVE-2022-23857	2022-01-24	model/criteria/criteria.go in Navidrome before 0.47.5 is vulnerable to SQL injection...
CVE-2022-23858	2022-01-24	A flaw was found in the REST API. An improperly...
CVE-2021-24423	2022-01-24	UpdraftPlus < 1.16.59 - Admin+ Stored Cross-Site Scripting
CVE-2021-24694	2022-01-24	Simple Download Monitor < 3.9.11 - Contributor+ Stored Cross-Site Scripting via Shortcodes
CVE-2021-24696	2022-01-24	Simple Download Monitor < 3.9.9 - Multiple CSRF
CVE-2021-24733	2022-01-24	WP Post Page Clone < 1.2 - Unauthorised Post Access
CVE-2021-24858	2022-01-24	WP Cookie User Info < 1.0.9 - Admin+ SQL Injection
CVE-2021-24865	2022-01-24	Advanced Custom Fields: Extended < 0.8.8.7 - Admin+ SQL Injection
CVE-2021-24906	2022-01-24	Protect WP Admin < 3.6.2 - Unauthenticated Plugin Deactivation
CVE-2021-24923	2022-01-24	Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.25 - Reflected XSS
CVE-2021-24936	2022-01-24	WP Extra File Types < 0.5.1 - CSRF to Stored Cross-Site Scripting
CVE-2021-24965	2022-01-24	Five Star Restaurant Reservations < 2.4.8 - Subscriber+ Stored Cross-Site Scripting
CVE-2021-24968	2022-01-24	Ultimate FAQ < 2.1.2 - Subscriber+ Arbitrary FAQ Creation
CVE-2021-24974	2022-01-24	Product Feed PRO for WooCommerce < 11.0.7 - Subscriber+ Settings Update to Stored XSS
CVE-2021-24976	2022-01-24	Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
CVE-2021-24985	2022-01-24	Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting
CVE-2021-24989	2022-01-24	Accept Donations with PayPal < 1.3.4 - Arbitrary Post Deletion via CSRF
CVE-2021-25008	2022-01-24	Code Snippets < 2.14.3 - Reflected Cross-Site Scripting
CVE-2021-25013	2022-01-24	Qubely < 1.7.8 - Subscriber+ Arbitrary Post Deletion
CVE-2021-25015	2022-01-24	myCred < 2.4 - Reflected Cross-Site Scripting
CVE-2021-25017	2022-01-24	Tutor LMS < 1.9.12 - Reflected Cross-Site Scripting
CVE-2021-25028	2022-01-24	Event Tickets < 5.2.2 - Open Redirect
CVE-2021-25031	2022-01-24	Image Hover Effects Ultimate < 9.7.1 - Reflected Cross-Site Scripting
CVE-2021-25035	2022-01-24	Backup and Staging by WP Time Capsule < 1.22.7 - Reflected Cross-Site Scripting
CVE-2021-25045	2022-01-24	Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id
CVE-2021-25049	2022-01-24	Mobile Events Manager < 1.4.4 - Admin+ Stored Cross-Site Scripting
CVE-2021-25062	2022-01-24	Orders Tracking for WooCommerce < 1.1.10 - Reflected Cross-Site Scripting
CVE-2021-25073	2022-01-24	WP125 < 1.5.5 - Arbitrary Ad Deletion via CSRF
CVE-2021-25074	2022-01-24	WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect
CVE-2021-25076	2022-01-24	WP User Frontend < 3.5.26 - SQL Injection to Reflected Cross-Site Scripting
CVE-2021-25078	2022-01-24	Affiliates Manager < 2.9.0 - Unauthenticated Stored Cross-Site Scripting