CVE List - 2022 / October
Showing 1601 - 1700 of 1849 CVEs for October 2022 (Page 17 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-20955 | 2022-10-26 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities |
| CVE-2022-20959 | 2022-10-26 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability |
| CVE-2022-20776 | 2022-10-26 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities |
| CVE-2022-40238 | 2022-10-26 | A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5 |
| CVE-2022-40703 | 2022-10-26 | CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Kardia App... |
| CVE-2022-3714 | 2022-10-27 | SourceCodester Online Medicine Ordering System sql injection |
| CVE-2022-3716 | 2022-10-27 | SourceCodester Online Medicine Ordering System cross site scripting |
| CVE-2022-2508 | 2022-10-27 | In affected versions of Octopus Server it is possible to... |
| CVE-2022-3095 | 2022-10-27 | Incorrect parsing of the backslash characters in Dart library |
| CVE-2022-31898 | 2022-10-27 | gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered... |
| CVE-2022-32407 | 2022-10-27 | Softr v2.0 was discovered to contain a Cross-Site Scripting (XSS)... |
| CVE-2022-36182 | 2022-10-27 | Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for... |
| CVE-2022-3725 | 2022-10-27 | Crash in the OPUS protocol dissector in Wireshark 3.6.0 to... |
| CVE-2022-39329 | 2022-10-27 | Profile of disabled user stays accessible |
| CVE-2022-39330 | 2022-10-27 | Database resource exhaustion for logged-in users via sharee recommendations with circles |
| CVE-2022-39364 | 2022-10-27 | Exception logging in Sharepoint app reveals clear-text connection details |
| CVE-2022-39365 | 2022-10-27 | RCE vulnerability in Pimcore/Mail & Dynamic Text Layout |
| CVE-2022-39976 | 2022-10-27 | School Activity Updates with SMS Notification v1.0 was discovered to... |
| CVE-2022-39977 | 2022-10-27 | Online Pet Shop We App v1.0 was discovered to contain... |
| CVE-2022-39978 | 2022-10-27 | Online Pet Shop We App v1.0 was discovered to contain... |
| CVE-2022-40183 | 2022-10-27 | Reflected Cross Site Scripting (XSS) in VIDEOJET multi 4000 |
| CVE-2022-40184 | 2022-10-27 | Stored Cross Site Scripting (XSS) in VIDEOJET multi 4000 |
| CVE-2022-40874 | 2022-10-27 | Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow... |
| CVE-2022-40875 | 2022-10-27 | Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow... |
| CVE-2022-40876 | 2022-10-27 | In Tenda ax1803 v1.0.0.1, the http requests handled by the... |
| CVE-2022-42054 | 2022-10-27 | Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT... |
| CVE-2022-42055 | 2022-10-27 | Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management... |
| CVE-2022-42991 | 2022-10-27 | A stored cross-site scripting (XSS) vulnerability in Simple Online Public... |
| CVE-2022-42992 | 2022-10-27 | Multiple stored cross-site scripting (XSS) vulnerabilities in Train Scheduler App... |
| CVE-2022-42993 | 2022-10-27 | Password Storage Application v1.0 was discovered to contain a cross-site... |
| CVE-2022-43340 | 2022-10-27 | A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows attackers... |
| CVE-2022-43364 | 2022-10-27 | An access control issue in the password reset page of... |
| CVE-2022-43365 | 2022-10-27 | IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow... |
| CVE-2022-43366 | 2022-10-27 | IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information... |
| CVE-2022-43367 | 2022-10-27 | IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection... |
| CVE-2022-25918 | 2022-10-27 | Regular Expression Denial of Service (ReDoS) |
| CVE-2021-45475 | 2022-10-27 | Information disclosure in Yordam Library Information Document Automation Program |
| CVE-2021-45476 | 2022-10-27 | Information disclosure in Yordam Library Information Document Automation Program |
| CVE-2022-2809 | 2022-10-27 | Unauthenticated out of bounds heap write in bmcweb |
| CVE-2022-3409 | 2022-10-27 | Unauthenticated out of bounds stack write in bmcweb |
| CVE-2022-38744 | 2022-10-27 | FactoryTalk Alarm and Events Server Vulnerable to Denial-Of-Service Attack |
| CVE-2022-41996 | 2022-10-27 | WordPress Avada premium theme <= 7.8.1 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-24670 | 2022-10-27 | Any user can run unrestricted LDAP queries against a configuration endpoint |
| CVE-2022-24669 | 2022-10-27 | Anonymous users can register / de-register for configuration change notifications |
| CVE-2022-0072 | 2022-10-27 | Directory Traversal in OpenLiteSpeed Web Server |
| CVE-2022-0073 | 2022-10-27 | Authenticated Remote Code Execution in OpenLiteSpeed Web Server |
| CVE-2022-0074 | 2022-10-27 | Privilege Escalation in OpenLiteSpeed Web Server |
| CVE-2022-41627 | 2022-10-27 | The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based... |
| CVE-2022-40965 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-41555 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-40967 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-41701 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-41773 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-41133 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-41651 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-41702 | 2022-10-27 | Delta Electronics DIAEnergie |
| CVE-2022-3385 | 2022-10-27 | Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a... |
| CVE-2022-3386 | 2022-10-27 | Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a... |
| CVE-2022-3387 | 2022-10-27 | Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path... |
| CVE-2022-3379 | 2022-10-27 | Horner Automation's Cscape version 9.90 SP7 and prior does not... |
| CVE-2022-3378 | 2022-10-27 | Horner Automation's Cscape version 9.90 SP 7 and prior does... |
| CVE-2022-3377 | 2022-10-27 | Horner Automation's Cscape version 9.90 SP 6 and prior does... |
| CVE-2022-3729 | 2022-10-28 | seccome Ehoney attack sql injection |
| CVE-2022-3734 | 2022-10-28 | Redis on Windows dbghelp.dll uncontrolled search path |
| CVE-2022-43284 | 2022-10-28 | Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a... |
| CVE-2021-35387 | 2022-10-28 | Hospital Management System v 4.0 is vulnerable to SQL Injection... |
| CVE-2021-35388 | 2022-10-28 | Hospital Management System v 4.0 is vulnerable to Cross Site... |
| CVE-2021-37781 | 2022-10-28 | Employee Record Management System v 1.2 is vulnerable to Cross... |
| CVE-2021-37782 | 2022-10-28 | Employee Record Management System v 1.2 is vulnerable to SQL... |
| CVE-2021-38217 | 2022-10-28 | SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php. |
| CVE-2021-38728 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to Cross Site Scripting... |
| CVE-2021-38729 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via... |
| CVE-2021-38730 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via... |
| CVE-2021-38731 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via... |
| CVE-2021-38732 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL via Ant_Message.php. |
| CVE-2021-38733 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via... |
| CVE-2021-38734 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via... |
| CVE-2021-38736 | 2022-10-28 | SEMCMS Shop V 1.1 is vulnerable to SQL Injection via... |
| CVE-2021-38737 | 2022-10-28 | SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php. |
| CVE-2022-26884 | 2022-10-28 | Apache DolphinScheduler exposes files without authentication |
| CVE-2022-2826 | 2022-10-28 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2022-2882 | 2022-10-28 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2022-3018 | 2022-10-28 | An information disclosure vulnerability in GitLab CE/EE affecting all versions... |
| CVE-2022-31678 | 2022-10-28 | VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE)... |
| CVE-2022-3697 | 2022-10-28 | A flaw was found in Ansible in the amazon.aws collection... |
| CVE-2022-3730 | 2022-10-28 | seccome Ehoney falco sql injection |
| CVE-2022-3731 | 2022-10-28 | seccome Ehoney token sql injection |
| CVE-2022-3732 | 2022-10-28 | seccome Ehoney set sql injection |
| CVE-2022-3733 | 2022-10-28 | SourceCodester Web-Based Student Clearance System edit-admin.php sql injection |
| CVE-2022-3735 | 2022-10-28 | seccome Ehoney signup access control |
| CVE-2022-3741 | 2022-10-28 | Improper Restriction of Excessive Authentication Attempts in chatwoot/chatwoot |
| CVE-2022-37621 | 2022-10-28 | Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz... |
| CVE-2022-37913 | 2022-10-28 | Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise... |
| CVE-2022-37914 | 2022-10-28 | Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise... |
| CVE-2022-37915 | 2022-10-28 | A vulnerability in the web-based management interface of Aruba EdgeConnect... |
| CVE-2022-39366 | 2022-10-28 | DataHub missing JWT signature check |
| CVE-2022-39367 | 2022-10-28 | Vulnerability in handling of uploaded QTI ZIP files |
| CVE-2022-43164 | 2022-10-28 | A stored cross-site scripting (XSS) vulnerability in the Global Lists... |
| CVE-2022-43165 | 2022-10-28 | A stored cross-site scripting (XSS) vulnerability in the Global Variables... |
| CVE-2022-43166 | 2022-10-28 | A stored cross-site scripting (XSS) vulnerability in the Global Entities... |