CVE List - 2022 / October
Showing 201 - 300 of 1849 CVEs for October 2022 (Page 3 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-41414 | 2022-10-07 | An insecure default in the component auth.login.prompt.enabled of Liferay Portal... |
| CVE-2022-41442 | 2022-10-07 | PicUploader v2.6.3 was discovered to contain cross-site scripting (XSS) vulnerability... |
| CVE-2022-41512 | 2022-10-07 | An arbitrary file upload vulnerability in the component /php_action/editFile.php of... |
| CVE-2022-41513 | 2022-10-07 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-41514 | 2022-10-07 | Open Source SACCO Management System v1.0 was discovered to contain... |
| CVE-2022-41515 | 2022-10-07 | Open Source SACCO Management System v1.0 was discovered to contain... |
| CVE-2022-41574 | 2022-10-07 | An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows... |
| CVE-2022-41672 | 2022-10-07 | Session still functional after user is deactivated |
| CVE-2022-42073 | 2022-10-07 | Online Diagnostic Lab Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42074 | 2022-10-07 | Online Diagnostic Lab Management System v1.0 is vulnerable to SQL... |
| CVE-2022-42075 | 2022-10-07 | Wedding Planner v1.0 is vulnerable to arbitrary code execution. |
| CVE-2022-42092 | 2022-10-07 | Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes'... |
| CVE-2022-3414 | 2022-10-07 | SourceCodester Web-Based Student Clearance System POST Parameter login.php sql injection |
| CVE-2022-39285 | 2022-10-07 | Stored Cross-Site Scripting Vulnerability In File Parameter in zoneminder |
| CVE-2022-39287 | 2022-10-07 | Plaintext transmission of CSRF tokens in tiny-csrf |
| CVE-2022-39289 | 2022-10-07 | Database log access in ZoneMinder |
| CVE-2022-39290 | 2022-10-07 | CSRF key bypass using HTTP methods in zoneminder |
| CVE-2022-39291 | 2022-10-07 | Denial of service through logs in zoneminder |
| CVE-2022-39877 | 2022-10-07 | Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior... |
| CVE-2022-40827 | 2022-10-07 | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL... |
| CVE-2022-40828 | 2022-10-07 | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL... |
| CVE-2022-40872 | 2022-10-07 | An SQL injection vulnerability issue was discovered in Sourcecodester Simple... |
| CVE-2022-2928 | 2022-10-07 | An option refcount overflow exists in dhcpd |
| CVE-2022-2929 | 2022-10-07 | DHCP memory leak |
| CVE-2022-33896 | 2022-10-07 | A buffer underflow vulnerability exists in the way Hword of... |
| CVE-2022-22480 | 2022-10-07 | IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does... |
| CVE-2022-22493 | 2022-10-07 | IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2... |
| CVE-2022-30613 | 2022-10-07 | IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information... |
| CVE-2022-34308 | 2022-10-07 | IBM CICS TX 11.1 could allow a local user to... |
| CVE-2022-36772 | 2022-10-07 | IBM InfoSphere Information Server 11.7 could allow an authenticated user... |
| CVE-2022-41291 | 2022-10-07 | IBM InfoSphere Information Server 11.7 does not invalidate session after... |
| CVE-2022-21936 | 2022-10-07 | Metasys MVE |
| CVE-2022-3434 | 2022-10-08 | SourceCodester Web-Based Student Clearance System add-student.php prepare cross site scripting |
| CVE-2022-3435 | 2022-10-08 | Linux Kernel IPv4 fib_semantics.c fib_nh_match out-of-bounds |
| CVE-2022-39281 | 2022-10-08 | Remote Denial of Service via Tasks endpoint in fat_free_crm |
| CVE-2022-3436 | 2022-10-09 | SourceCodester Web-Based Student Clearance System Photo edit-photo.php unrestricted upload |
| CVE-2022-42010 | 2022-10-09 | An issue was discovered in D-Bus before 1.12.24, 1.13.x and... |
| CVE-2022-42011 | 2022-10-09 | An issue was discovered in D-Bus before 1.12.24, 1.13.x and... |
| CVE-2022-42012 | 2022-10-09 | An issue was discovered in D-Bus before 1.12.24, 1.13.x and... |
| CVE-2022-42703 | 2022-10-09 | mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free... |
| CVE-2021-25044 | 2022-10-10 | Cryptocurrency Pricing list and Ticker <= 1.5 - Reflected Cross-Site Scripting |
| CVE-2021-35226 | 2022-10-10 | Hashed Credential Exposure Vulnerability |
| CVE-2021-44171 | 2022-10-10 | A improper neutralization of special elements used in an os... |
| CVE-2022-2350 | 2022-10-10 | Disable User Login <= 1.0.1 - Unauthenticated Settings Update |
| CVE-2022-2448 | 2022-10-10 | reSmush.it Image Optimizer < 0.4.6 - Admin+ Cross-Site Scripting |
| CVE-2022-2554 | 2022-10-10 | Enable Media Replace < 4.0.0 - Admin+ Path Traversal |
| CVE-2022-26121 | 2022-10-10 | An exposure of resource to wrong sphere vulnerability [CWE-668] in... |
| CVE-2022-2629 | 2022-10-10 | Top Bar < 3.0.4 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-2823 | 2022-10-10 | Slider, Gallery, and Carousel by MetaSlider < 3.27.9 - Admin+ Stored Cross Site Scripting |
| CVE-2022-2891 | 2022-10-10 | WP 2FA < 2.3.0 - Time-Based Side-Channel Attack |
| CVE-2022-29055 | 2022-10-10 | A access of uninitialized pointer in Fortinet FortiOS version 7.2.0,... |
| CVE-2022-2981 | 2022-10-10 | Download Monitor < 4.5.98 - Admin+ Arbitrary File Download |
| CVE-2022-3136 | 2022-10-10 | Social Rocket < 1.3.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3137 | 2022-10-10 | TaskBuilder < 1.0.8 - Subscriber+ Stored XSS via SVG file upload |
| CVE-2022-3154 | 2022-10-10 | Multiple Plugins from Viszt Peter - Multiple CSRF |
| CVE-2022-3207 | 2022-10-10 | Simple File List < 4.4.12 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3208 | 2022-10-10 | Simple File List < 4.4.13 - Page Creation via CSRF |
| CVE-2022-3209 | 2022-10-10 | Soledad < 8.2.5 - Reflected Cross-site Scripting |
| CVE-2022-3220 | 2022-10-10 | Advanced Comment Form < 1.2.1 - Admin+ Authenticated Stored XSS |
| CVE-2022-33872 | 2022-10-10 | An improper neutralization of special elements used in an OS... |
| CVE-2022-33873 | 2022-10-10 | An improper neutralization of special elements used in an OS... |
| CVE-2022-33874 | 2022-10-10 | An improper neutralization of special elements used in an OS... |
| CVE-2022-3433 | 2022-10-10 | The aeson library is not safe to use to consume... |
| CVE-2022-3438 | 2022-10-10 | Open Redirect in ikus060/rdiffweb |
| CVE-2022-35844 | 2022-10-10 | An improper neutralization of special elements used in an OS... |
| CVE-2022-35846 | 2022-10-10 | An improper restriction of excessive authentication attempts vulnerability [CWE-307] in... |
| CVE-2022-40248 | 2022-10-10 | An HTML injection vulnerability exists in CERT/CC VINCE software prior to version 1.50.4 |
| CVE-2022-40257 | 2022-10-10 | An HTML injection vulnerability exists in CERT/CC VINCE software prior to version 1.50.4 |
| CVE-2022-41744 | 2022-10-10 | A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One... |
| CVE-2022-41745 | 2022-10-10 | An Out-of-Bounds access vulnerability in Trend Micro Apex One could... |
| CVE-2022-41746 | 2022-10-10 | A forced browsing vulnerability in Trend Micro Apex One could... |
| CVE-2022-41747 | 2022-10-10 | An improper certification validation vulnerability in Trend Micro Apex One... |
| CVE-2022-41748 | 2022-10-10 | A registry permissions vulnerability in the Trend Micro Apex One... |
| CVE-2022-41749 | 2022-10-10 | An origin validation error vulnerability in Trend Micro Apex One... |
| CVE-2022-42724 | 2022-10-10 | app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role... |
| CVE-2022-42725 | 2022-10-10 | Warpinator through 1.2.14 allows access outside of an intended directory,... |
| CVE-2022-3442 | 2022-10-10 | Crealogix EBICS ebics.aspx cross site scripting |
| CVE-2022-36063 | 2022-10-10 | USBX Host CDC ECM integer underflow with buffer overflow |
| CVE-2022-39288 | 2022-10-10 | Denial of service in Fastify via Content-Type header |
| CVE-2022-39292 | 2022-10-10 | Exposure of sensitive Slack webhook URLs in debug logs and traces |
| CVE-2022-20830 | 2022-10-10 | Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability |
| CVE-2022-20944 | 2022-10-10 | Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability |
| CVE-2022-20870 | 2022-10-10 | Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability |
| CVE-2022-20915 | 2022-10-10 | Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability |
| CVE-2022-20920 | 2022-10-10 | Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability |
| CVE-2022-20837 | 2022-10-10 | Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability |
| CVE-2022-20864 | 2022-10-10 | Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability |
| CVE-2022-34334 | 2022-10-10 | IBM Sterling Partner Engagement Manager 2.0 does not invalidate session... |
| CVE-2022-34402 | 2022-10-10 | Dell Wyse ThinOS 2205 contains a Regular Expression Denial of... |
| CVE-2022-34425 | 2022-10-10 | Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key... |
| CVE-2020-14129 | 2022-10-11 | A logic vulnerability exists in a Xiaomi product. The vulnerability... |
| CVE-2020-14131 | 2022-10-11 | The Xiaomi Security Center expresses heartfelt thanks to ADLab of... |
| CVE-2021-0696 | 2022-10-11 | In dllist_remove_node of TBD, there is a possible use after... |
| CVE-2021-0951 | 2022-10-11 | In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code... |
| CVE-2022-20351 | 2022-10-11 | In queryInternal of CallLogProvider.java, there is a possible access to... |
| CVE-2022-20394 | 2022-10-11 | In getInputMethodWindowVisibleHeight of InputMethodManagerService.java, there is a possible way to... |
| CVE-2022-20409 | 2022-10-11 | In io_identity_cow of io_uring.c, there is a possible way to... |
| CVE-2022-20410 | 2022-10-11 | In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of... |
| CVE-2022-20412 | 2022-10-11 | In fdt_next_tag of fdt.c, there is a possible out of... |
| CVE-2022-20413 | 2022-10-11 | In start of Threads.cpp, there is a possible way to... |