CVE List - 2022 / October
Showing 1 - 100 of 1849 CVEs for October 2022 (Page 1 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-42003 | 2022-10-02 | In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion... |
| CVE-2022-42004 | 2022-10-02 | In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because... |
| CVE-2022-33886 | 2022-10-03 | A maliciously crafted MODEL and SLDPRT file can be used... |
| CVE-2022-33890 | 2022-10-03 | A maliciously crafted PCT or DWF file when consumed through... |
| CVE-2022-36551 | 2022-10-03 | A Server Side Request Forgery (SSRF) in the Data Import... |
| CVE-2022-41301 | 2022-10-03 | A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application... |
| CVE-2022-41040 | 2022-10-03 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
| CVE-2022-41082 | 2022-10-03 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2022-40886 | 2022-10-03 | DedeCMS 5.7.98 has a file upload vulnerability in the background. |
| CVE-2022-32173 | 2022-10-03 | OrchardCore - HTML Injection |
| CVE-2022-38817 | 2022-10-03 | Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access... |
| CVE-2022-40922 | 2022-10-03 | A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows... |
| CVE-2022-40123 | 2022-10-03 | mojoPortal v2.7 was discovered to contain a path traversal vulnerability... |
| CVE-2022-2628 | 2022-10-03 | DSGVO All in one for WP < 4.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-2763 | 2022-10-03 | WP Socializer < 7.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-2839 | 2022-10-03 | Zephyr Project Manager < 3.2.55 - Unauthorised AJAX Calls To Stored XSS |
| CVE-2022-3124 | 2022-10-03 | Frontend File Manager < 21.3 - Unauthenticated File Renaming |
| CVE-2022-3125 | 2022-10-03 | Frontend File Manager < 21.3 - Subscriber+ Arbitrary File Upload |
| CVE-2022-3128 | 2022-10-03 | Donation Thermometer < 2.1.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3132 | 2022-10-03 | Goolytics - Simple Google Analytics < 1.1.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-41419 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a memory leak via... |
| CVE-2022-41420 | 2022-10-03 | nasm v2.16 was discovered to contain a stack overflow in... |
| CVE-2022-41423 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a segmentation violation in... |
| CVE-2022-41424 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a memory leak via... |
| CVE-2022-41425 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a segmentation violation via... |
| CVE-2022-41426 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a memory leak via... |
| CVE-2022-41427 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a memory leak in... |
| CVE-2022-41428 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a heap overflow via... |
| CVE-2022-41429 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a heap overflow via... |
| CVE-2022-41430 | 2022-10-03 | Bento4 v1.6.0-639 was discovered to contain a heap overflow via... |
| CVE-2022-40764 | 2022-10-03 | Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk... |
| CVE-2022-33889 | 2022-10-03 | A maliciously crafted GIF or JPEG files when parsed through... |
| CVE-2022-33884 | 2022-10-03 | Parsing a maliciously crafted X_B file can force Autodesk AutoCAD... |
| CVE-2022-33885 | 2022-10-03 | A maliciously crafted X_B, CATIA, and PDF file when parsed... |
| CVE-2022-33887 | 2022-10-03 | A maliciously crafted PDF file when parsed through Autodesk AutoCAD... |
| CVE-2022-33888 | 2022-10-03 | A malicious crafted Dwg2Spd file when processed through Autodesk DWG... |
| CVE-2022-33883 | 2022-10-03 | A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser,... |
| CVE-2022-42308 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 8.2 and... |
| CVE-2022-42307 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and... |
| CVE-2022-42306 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 8.2 and... |
| CVE-2022-42305 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and... |
| CVE-2022-42304 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0 and... |
| CVE-2022-42303 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0 and... |
| CVE-2022-42302 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0 and... |
| CVE-2022-42301 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and... |
| CVE-2022-42300 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and... |
| CVE-2022-42299 | 2022-10-03 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and... |
| CVE-2022-40721 | 2022-10-03 | Arbitrary file upload vulnerability in php uploader |
| CVE-2022-33882 | 2022-10-03 | Under certain conditions, an attacker could create an unintended sphere... |
| CVE-2022-41443 | 2022-10-03 | phpipam v1.5.0 was discovered to contain a header injection vulnerability... |
| CVE-2022-42247 | 2022-10-03 | pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2021-40556 | 2022-10-06 | A stack overflow vulnerability exists in the httpd service in... |
| CVE-2022-26235 | 2022-10-06 | A vulnerability was discovered in the Remisol Advance v2.0.12.1 and... |
| CVE-2022-26236 | 2022-10-06 | The default privileges for the running service Normand Remisol Advance... |
| CVE-2022-26237 | 2022-10-06 | The default privileges for the running service Normand Viewer Service... |
| CVE-2022-26238 | 2022-10-06 | The default privileges for the running service Normand Service Manager... |
| CVE-2022-26239 | 2022-10-06 | The default privileges for the running service Normand License Manager... |
| CVE-2022-26240 | 2022-10-06 | The default privileges for the running service Normand Message Buffer... |
| CVE-2022-2637 | 2022-10-06 | Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter |
| CVE-2022-2781 | 2022-10-06 | In affected versions of Octopus Server it was identified that... |
| CVE-2022-27810 | 2022-10-06 | It was possible to trigger an infinite recursion condition in... |
| CVE-2022-2783 | 2022-10-06 | In affected versions of Octopus Server it was identified that... |
| CVE-2022-2975 | 2022-10-06 | Avaya Aura Application Enablement Services weak permissions in web application |
| CVE-2022-2986 | 2022-10-06 | Enabling and disabling installed H5P libraries did not include the... |
| CVE-2022-3002 | 2022-10-06 | Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm |
| CVE-2022-3273 | 2022-10-06 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb |
| CVE-2022-3376 | 2022-10-06 | Weak Password Requirements in ikus060/rdiffweb |
| CVE-2022-3389 | 2022-10-06 | Path Traversal in ikus060/rdiffweb |
| CVE-2022-37888 | 2022-10-06 | There are buffer overflow vulnerabilities in multiple underlying services that... |
| CVE-2022-39988 | 2022-10-06 | A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows attackers... |
| CVE-2022-40159 | 2022-10-06 | Stack Overflow in JXPath |
| CVE-2022-40160 | 2022-10-06 | Stack Overflow in JXPath |
| CVE-2022-40494 | 2022-10-06 | NPS before v0.26.10 was discovered to contain an authentication bypass... |
| CVE-2022-40895 | 2022-10-06 | In certain Nedi products, a vulnerability in the web UI... |
| CVE-2022-41355 | 2022-10-06 | Online Leave Management System v1.0 was discovered to contain a... |
| CVE-2022-41517 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow... |
| CVE-2022-41518 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection... |
| CVE-2022-41520 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack... |
| CVE-2022-41521 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack... |
| CVE-2022-41522 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an unauthenticated stack... |
| CVE-2022-41523 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack... |
| CVE-2022-41524 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack... |
| CVE-2022-41525 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection... |
| CVE-2022-41526 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack... |
| CVE-2022-41527 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack... |
| CVE-2022-41528 | 2022-10-06 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack... |
| CVE-2022-41556 | 2022-10-06 | A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66... |
| CVE-2022-42241 | 2022-10-06 | Simple Cold Storage Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42242 | 2022-10-06 | Simple Cold Storage Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42243 | 2022-10-06 | Simple Cold Storage Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42249 | 2022-10-06 | Simple Cold Storage Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42250 | 2022-10-06 | Simple Cold Storage Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42457 | 2022-10-06 | Generex CS141 through 2.10 allows remote command execution by administrators... |
| CVE-2022-31008 | 2022-10-06 | Predictable credential obfuscation seed value used in rabbitmq-server |
| CVE-2022-39222 | 2022-10-06 | OAuth authorization code exposure in Dex |
| CVE-2022-39237 | 2022-10-06 | Digital Signature Hash Algorithms Not Validated in sylabs/sif |
| CVE-2022-39244 | 2022-10-06 | Buffer overflow in pjlib scanner and pjmedia |
| CVE-2022-39265 | 2022-10-06 | Mail settings' command parameter injection in mybb |
| CVE-2022-39269 | 2022-10-06 | Media transport downgrade from the secure version (SRTP) to non-secure (RTP) in pjsip |
| CVE-2022-39270 | 2022-10-06 | Arbitrary HTML injection in table-of-contents theme component in DiscoTOC |