CVE List - 2022 / October
Showing 901 - 1000 of 1849 CVEs for October 2022 (Page 10 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-23769 | 2022-10-17 | Secuever reverseWall-MDS Remote Code Execution Vulnerability |
| CVE-2022-23770 | 2022-10-17 | WISA Smart Wing CMS Remote Command Execution Vulnerability |
| CVE-2022-23771 | 2022-10-17 | IPTIME NAS1DUAL CSRF Vulnerability |
| CVE-2022-2428 | 2022-10-17 | A crafted tag in the Jupyter Notebook viewer in GitLab... |
| CVE-2022-2455 | 2022-10-17 | A business logic issue in the handling of large repositories... |
| CVE-2022-2527 | 2022-10-17 | An issue in Incident Timelines has been discovered in GitLab... |
| CVE-2022-2533 | 2022-10-17 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2022-2563 | 2022-10-17 | Tutor LMS < 2.0.10 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-25723 | 2022-10-17 | Memory corruption in multimedia due to use after free during... |
| CVE-2022-2574 | 2022-10-17 | Meks Easy Social Share < 1.2.8 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-25750 | 2022-10-17 | Memory corruption in BTHOST due to double free while music... |
| CVE-2022-2592 | 2022-10-17 | A lack of length validation in Snippet descriptions in GitLab... |
| CVE-2022-2630 | 2022-10-17 | An improper access control issue in GitLab CE/EE affecting all... |
| CVE-2022-28291 | 2022-10-17 | Insufficiently Protected Credentials: An authenticated user with debug privileges can... |
| CVE-2022-2834 | 2022-10-17 | Helpful < 4.5.26 - Information Disclosure |
| CVE-2022-2865 | 2022-10-17 | A cross-site scripting issue has been discovered in GitLab CE/EE... |
| CVE-2022-2884 | 2022-10-17 | A vulnerability in GitLab CE/EE affecting all versions from 11.3.4... |
| CVE-2022-2908 | 2022-10-17 | A potential DoS vulnerability was discovered in Gitlab CE/EE versions... |
| CVE-2022-2931 | 2022-10-17 | A potential DOS vulnerability was discovered in GitLab CE/EE affecting... |
| CVE-2022-2992 | 2022-10-17 | A vulnerability in GitLab CE/EE affecting all versions from 11.10... |
| CVE-2022-3030 | 2022-10-17 | An improper access control issue in GitLab CE/EE affecting all... |
| CVE-2022-3031 | 2022-10-17 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2022-3060 | 2022-10-17 | Improper control of a resource identifier in Error Tracking in... |
| CVE-2022-3066 | 2022-10-17 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2022-3067 | 2022-10-17 | An issue has been discovered in the Import functionality of... |
| CVE-2022-3082 | 2022-10-17 | miniOrange Discord Integration < 2.1.6 - Subscriber+ App Disabling |
| CVE-2022-3126 | 2022-10-17 | Frontend File Manager < 21.4 - File Upload via CSRF |
| CVE-2022-3131 | 2022-10-17 | Search Logger <= 0.9 - Admin+ SQLi |
| CVE-2022-3139 | 2022-10-17 | We’re Open! < 1.42 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3149 | 2022-10-17 | WP Custom Cursors < 3.0.1 - Stored Cross-Site Scripting via CSRF |
| CVE-2022-3150 | 2022-10-17 | WP Custom Cursors < 3.2 - Admin+ SQLi |
| CVE-2022-3151 | 2022-10-17 | WP Custom Cursors < 3.0.1 - Arbitrary Cursor Deletion via CSRF |
| CVE-2022-3158 | 2022-10-17 | Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31... |
| CVE-2022-3165 | 2022-10-17 | An integer underflow issue was found in the QEMU VNC... |
| CVE-2022-3206 | 2022-10-17 | Passster < 3.5.5.5.2 - Insecure Storage of Password |
| CVE-2022-3243 | 2022-10-17 | Import all XML, CSV & TXT into WordPress < 6.5.8 - Admin+ SQLi |
| CVE-2022-3244 | 2022-10-17 | Import all XML, CSV & TXT into WordPress < 6.5.8 - Missing Authorisation |
| CVE-2022-3279 | 2022-10-17 | An unhandled exception in job log parsing in GitLab CE/EE... |
| CVE-2022-3282 | 2022-10-17 | Drag and Drop Multiple File Upload < 1.3.6.5 - File Upload Size Limit Bypass |
| CVE-2022-3283 | 2022-10-17 | A potential DOS vulnerability was discovered in GitLab CE/EE affecting... |
| CVE-2022-3286 | 2022-10-17 | Lack of IP address checking in GitLab EE affecting all... |
| CVE-2022-3288 | 2022-10-17 | A branch/tag name confusion in GitLab CE/EE affecting all versions... |
| CVE-2022-3291 | 2022-10-17 | Serialization of sensitive data in GitLab EE affecting all versions... |
| CVE-2022-3293 | 2022-10-17 | Email addresses were leaked in WebHook logs in GitLab EE... |
| CVE-2022-33210 | 2022-10-17 | Memory corruption in automotive multimedia due to use of out-of-range... |
| CVE-2022-33214 | 2022-10-17 | Memory corruption in display due to time-of-check time-of-use of metadata... |
| CVE-2022-33217 | 2022-10-17 | Memory corruption in Qualcomm IPC due to buffer copy without... |
| CVE-2022-3325 | 2022-10-17 | Improper access control in the GitLab CE/EE API affecting all... |
| CVE-2022-3330 | 2022-10-17 | It was possible for a guest user to read a... |
| CVE-2022-3331 | 2022-10-17 | An issue has been discovered in GitLab EE affecting all... |
| CVE-2022-3351 | 2022-10-17 | An issue has been discovered in GitLab EE affecting all... |
| CVE-2022-3421 | 2022-10-17 | Privilege escalation in Google Drive for Desktop on MacOS |
| CVE-2022-3517 | 2022-10-17 | A vulnerability was found in the minimatch package. This flaw... |
| CVE-2022-3533 | 2022-10-17 | Linux Kernel BPF usdt.c parse_usdt_arg memory leak |
| CVE-2022-3534 | 2022-10-17 | Linux Kernel libbpf btf_dump.c btf_dump_name_dups use after free |
| CVE-2022-3540 | 2022-10-17 | An issue has been discovered in hunter2 affecting all versions... |
| CVE-2022-3541 | 2022-10-17 | Linux Kernel BPF spl2sw_driver.c spl2sw_nvmem_get_mac_address use after free |
| CVE-2022-3544 | 2022-10-17 | Linux Kernel Netfilter sysfs.c damon_sysfs_add_target memory leak |
| CVE-2022-3545 | 2022-10-17 | Linux Kernel IPsec nfp_cppcore.c area_cache_get use after free |
| CVE-2022-3550 | 2022-10-17 | X.org Server xkb.c _GetCountedString buffer overflow |
| CVE-2022-3551 | 2022-10-17 | X.org Server xkb.c ProcXkbGetKbdByName memory leak |
| CVE-2022-3552 | 2022-10-17 | Unrestricted Upload of File with Dangerous Type in boxbilling/boxbilling |
| CVE-2022-3553 | 2022-10-17 | X.org Server xquartz X11Controller.m denial of service |
| CVE-2022-3559 | 2022-10-17 | Exim Regex use after free |
| CVE-2022-3563 | 2022-10-17 | Linux Kernel BlueZ mgmt-tester.c read_50_controller_cap_complete null pointer dereference |
| CVE-2022-3566 | 2022-10-17 | Linux Kernel TCP tcp_setsockopt race condition |
| CVE-2022-3567 | 2022-10-17 | Linux Kernel IPv6 inet6_dgram_ops race condition |
| CVE-2022-38743 | 2022-10-17 | Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31... |
| CVE-2022-40055 | 2022-10-17 | An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL... |
| CVE-2022-40605 | 2022-10-17 | MITRE CALDERA before 4.1.0 allows XSS in the Operations tab... |
| CVE-2022-40606 | 2022-10-17 | MITRE CALDERA before 4.1.0 allows XSS in the Operations tab... |
| CVE-2022-41139 | 2022-10-17 | MITRE CALDERA 4.1.0 allows stored XSS via app.contact.gist (aka the... |
| CVE-2022-41431 | 2022-10-17 | xzs v3.8.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-41471 | 2022-10-17 | 74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily... |
| CVE-2022-41472 | 2022-10-17 | 74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-41498 | 2022-10-17 | Billing System Project v1.0 was discovered to contain a SQL... |
| CVE-2022-41542 | 2022-10-17 | devhub 0.102.0 was discovered to contain a broken session control. |
| CVE-2022-41751 | 2022-10-17 | Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by... |
| CVE-2022-42029 | 2022-10-17 | Chamilo 1.11.16 is affected by an authenticated local file inclusion... |
| CVE-2022-42142 | 2022-10-17 | Online Tours & Travels Management System v1.0 is vulnerable to... |
| CVE-2022-42143 | 2022-10-17 | Open Source SACCO Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42147 | 2022-10-17 | kkFileView 4.0 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2022-42149 | 2022-10-17 | kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via... |
| CVE-2022-42154 | 2022-10-17 | An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of... |
| CVE-2022-42163 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromNatStaticSetting. |
| CVE-2022-42164 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState. |
| CVE-2022-42165 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName. |
| CVE-2022-42166 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetSpeedWan. |
| CVE-2022-42167 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetFirewallCfg. |
| CVE-2022-42168 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind. |
| CVE-2022-42169 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter. |
| CVE-2022-42170 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart. |
| CVE-2022-42171 | 2022-10-17 | Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo. |
| CVE-2022-42221 | 2022-10-17 | Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in... |
| CVE-2022-42237 | 2022-10-17 | A SQL Injection issue in Merchandise Online Store v.1.0 allows... |
| CVE-2022-42975 | 2022-10-17 | socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView... |
| CVE-2022-42980 | 2022-10-17 | go-admin (aka GO Admin) 2.0.12 uses the string go-admin as... |
| CVE-2022-42983 | 2022-10-17 | anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication... |
| CVE-2022-2052 | 2022-10-17 | TRUMPF TruTops default user accounts vulnerability |
| CVE-2022-3281 | 2022-10-17 | WAGO: multiple products - Loss of MAC-Address-Filtering after reboot |