CVE List - 2022 / October
Showing 1501 - 1600 of 1849 CVEs for October 2022 (Page 16 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-32454 | 2022-10-25 | A stack-based buffer overflow vulnerability exists in the XCMD setIPCam... |
| CVE-2022-32574 | 2022-10-25 | A double-free vulnerability exists in the web interface /action/ipcamSetParamPost functionality... |
| CVE-2022-32586 | 2022-10-25 | An OS command injection vulnerability exists in the web interface... |
| CVE-2022-32760 | 2022-10-25 | A denial of service vulnerability exists in the XCMD doDebug... |
| CVE-2022-32765 | 2022-10-25 | An OS command injection vulnerability exists in the sysupgrade command... |
| CVE-2022-32773 | 2022-10-25 | An OS command injection vulnerability exists in the XCMD doDebug... |
| CVE-2022-32775 | 2022-10-25 | An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost... |
| CVE-2022-33150 | 2022-10-25 | An OS command injection vulnerability exists in the js_package install... |
| CVE-2022-33189 | 2022-10-25 | An OS command injection vulnerability exists in the XCMD setAlexa... |
| CVE-2022-33192 | 2022-10-25 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-33193 | 2022-10-25 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-33194 | 2022-10-25 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-33195 | 2022-10-25 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-33204 | 2022-10-25 | Four OS command injection vulnerabilities exists in the web interface... |
| CVE-2022-33205 | 2022-10-25 | Four OS command injection vulnerabilities exists in the web interface... |
| CVE-2022-33206 | 2022-10-25 | Four OS command injection vulnerabilities exists in the web interface... |
| CVE-2022-33207 | 2022-10-25 | Four OS command injection vulnerabilities exists in the web interface... |
| CVE-2022-33897 | 2022-10-25 | A directory traversal vulnerability exists in the web_server /ajax/remove/ functionality... |
| CVE-2022-33938 | 2022-10-25 | A format string injection vulnerability exists in the ghome_process_control_packet functionality... |
| CVE-2022-34845 | 2022-10-25 | A firmware update vulnerability exists in the sysupgrade functionality of... |
| CVE-2022-34850 | 2022-10-25 | An OS command injection vulnerability exists in the web_server /action/import_authorized_keys/... |
| CVE-2022-35244 | 2022-10-25 | A format string injection vulnerability exists in the XCMD getVarHA... |
| CVE-2022-35261 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35262 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35263 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35264 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35265 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35266 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35267 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35268 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35269 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35270 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35271 | 2022-10-25 | A denial of service vulnerability exists in the web_server hashFirst... |
| CVE-2022-35874 | 2022-10-25 | Four format string injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-35875 | 2022-10-25 | Four format string injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-35876 | 2022-10-25 | Four format string injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-35877 | 2022-10-25 | Four format string injection vulnerabilities exist in the XCMD testWifiAP... |
| CVE-2022-35878 | 2022-10-25 | Four format string injection vulnerabilities exist in the UPnP logging... |
| CVE-2022-35879 | 2022-10-25 | Four format string injection vulnerabilities exist in the UPnP logging... |
| CVE-2022-35880 | 2022-10-25 | Four format string injection vulnerabilities exist in the UPnP logging... |
| CVE-2022-35881 | 2022-10-25 | Four format string injection vulnerabilities exist in the UPnP logging... |
| CVE-2022-35884 | 2022-10-25 | Four format string injection vulnerabilities exist in the web interface... |
| CVE-2022-35885 | 2022-10-25 | Four format string injection vulnerabilities exist in the web interface... |
| CVE-2022-35886 | 2022-10-25 | Four format string injection vulnerabilities exist in the web interface... |
| CVE-2022-35887 | 2022-10-25 | Four format string injection vulnerabilities exist in the web interface... |
| CVE-2022-38436 | 2022-10-25 | Adobe Illustrator CDR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2022-38435 | 2022-10-25 | Adobe Illustrator PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| CVE-2022-27912 | 2022-10-25 | [20221001] - Core - Debug Mode leaks full request payloads including passwords |
| CVE-2022-27913 | 2022-10-25 | [20221002] - Core - RXSS through reflection of user input in headings |
| CVE-2022-3474 | 2022-10-26 | Bazel leaks user credentials through the remote assets API |
| CVE-2022-3671 | 2022-10-26 | SourceCodester eLearning System manage.php sql injection |
| CVE-2022-3704 | 2022-10-26 | Ruby on Rails _table.html.erb cross site scripting |
| CVE-2022-43747 | 2022-10-26 | baramundi Management Agent (bMA) in baramundi Management Suite (bMS) 2021... |
| CVE-2022-2782 | 2022-10-26 | In affected versions of Octopus Server it is possible for... |
| CVE-2022-3363 | 2022-10-26 | Business Logic Errors in ikus060/rdiffweb |
| CVE-2022-3662 | 2022-10-26 | Axiomatic Bento4 mp42hls Ap4Sample.h GetOffset use after free |
| CVE-2022-3663 | 2022-10-26 | Axiomatic Bento4 MP4fragment Ap4StsdAtom.cpp AP4_StsdAtom null pointer dereference |
| CVE-2022-3664 | 2022-10-26 | Axiomatic Bento4 avcinfo Ap4BitStream.cpp WriteBytes heap-based overflow |
| CVE-2022-3665 | 2022-10-26 | Axiomatic Bento4 avcinfo AvcInfo.cpp heap-based overflow |
| CVE-2022-3666 | 2022-10-26 | Axiomatic Bento4 mp42ts Ap4LinearReader.cpp Advance use after free |
| CVE-2022-3667 | 2022-10-26 | Axiomatic Bento4 mp42aac Ap4ByteStream.cpp WritePartial heap-based overflow |
| CVE-2022-3668 | 2022-10-26 | Axiomatic Bento4 mp4edit CreateAtomFromStream memory leak |
| CVE-2022-3669 | 2022-10-26 | Axiomatic Bento4 mp4edit Create memory leak |
| CVE-2022-3670 | 2022-10-26 | Axiomatic Bento4 mp42hevc WriteSample heap-based overflow |
| CVE-2022-3672 | 2022-10-26 | SourceCodester Sanitization Management System SystemSettings.php cross site scripting |
| CVE-2022-3673 | 2022-10-26 | SourceCodester Sanitization Management System Master.php cross site scripting |
| CVE-2022-3674 | 2022-10-26 | SourceCodester Sanitization Management System missing authentication |
| CVE-2022-3705 | 2022-10-26 | vim autocmd quickfix.c qf_update_buffer use after free |
| CVE-2022-37202 | 2022-10-26 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list |
| CVE-2022-39286 | 2022-10-26 | Execution with Unnecessary Privileges in JupyterApp |
| CVE-2022-39348 | 2022-10-26 | Twisted vulnerable to NameVirtualHost Host header injection |
| CVE-2022-39355 | 2022-10-26 | Discourse Patreon vulnerable to improper validation of email during Patreon authentication |
| CVE-2022-39357 | 2022-10-26 | Winter vulnerable to Prototype Pollution in Snowboard framework |
| CVE-2022-39358 | 2022-10-26 | Metabase vulnerable to circumvention of Locked parameter in Signed Embedding |
| CVE-2022-39359 | 2022-10-26 | Metabase's GeoJSON validation doesn't prevent redirects to blocked URLs |
| CVE-2022-39360 | 2022-10-26 | Metabase SSO users able to circumvent IdP login by doing password reset |
| CVE-2022-39361 | 2022-10-26 | Metabase vulnerable to Remote Code Execution via H2 |
| CVE-2022-39362 | 2022-10-26 | Metabase vulnerable to arbitrary SQL execution from queryhash |
| CVE-2022-39944 | 2022-10-26 | The Apache Linkis JDBC EngineConn module has a RCE Vulnerability |
| CVE-2022-42468 | 2022-10-26 | Apache Flume prior to 1.11.0 has an Improper Input Validation (JNDI Injection) in JMSSource |
| CVE-2022-42998 | 2022-10-26 | D-Link DIR-816 A2 1.10 B05 was discovered to contain a... |
| CVE-2022-42999 | 2022-10-26 | D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple... |
| CVE-2022-43000 | 2022-10-26 | D-Link DIR-816 A2 1.10 B05 was discovered to contain a... |
| CVE-2022-43001 | 2022-10-26 | D-Link DIR-816 A2 1.10 B05 was discovered to contain a... |
| CVE-2022-43002 | 2022-10-26 | D-Link DIR-816 A2 1.10 B05 was discovered to contain a... |
| CVE-2022-43003 | 2022-10-26 | D-Link DIR-816 A2 1.10 B05 was discovered to contain a... |
| CVE-2022-43750 | 2022-10-26 | drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and... |
| CVE-2022-43766 | 2022-10-26 | Apache IoTDB prior to 0.13.3 allows DoS |
| CVE-2022-43774 | 2022-10-26 | The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a... |
| CVE-2022-43775 | 2022-10-26 | The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a... |
| CVE-2022-43776 | 2022-10-26 | The url parameter of the /api/geojson endpoint in Metabase versions... |
| CVE-2022-25849 | 2022-10-26 | Cross-site Scripting (XSS) |
| CVE-2022-31256 | 2022-10-26 | sendmail: mail to root privilege escalation via sm-client.pre script |
| CVE-2022-43749 | 2022-10-26 | Improper privilege management vulnerability in summary report management in Synology... |
| CVE-2022-43748 | 2022-10-26 | Improper limitation of a pathname to a restricted directory ('Path... |
| CVE-2022-20811 | 2022-10-26 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities |
| CVE-2022-20822 | 2022-10-26 | Cisco Identity Services Engine Unauthorized File Access Vulnerability |
| CVE-2022-20933 | 2022-10-26 | Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability |
| CVE-2022-20953 | 2022-10-26 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities |
| CVE-2022-20954 | 2022-10-26 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities |