CVE List - 2022 / October
Showing 401 - 500 of 1849 CVEs for October 2022 (Page 5 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-38039 | 2022-10-11 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2022-38040 | 2022-10-11 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2022-38041 | 2022-10-11 | Windows Secure Channel Denial of Service Vulnerability |
| CVE-2022-38042 | 2022-10-11 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2022-38043 | 2022-10-11 | Windows Security Support Provider Interface Information Disclosure Vulnerability |
| CVE-2022-38045 | 2022-10-11 | Windows Server Service Elevation of Privilege Vulnerability |
| CVE-2022-38046 | 2022-10-11 | Web Account Manager Information Disclosure Vulnerability |
| CVE-2022-38047 | 2022-10-11 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-38048 | 2022-10-11 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2022-38049 | 2022-10-11 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2022-38050 | 2022-10-11 | Win32k Elevation of Privilege Vulnerability |
| CVE-2022-38051 | 2022-10-11 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2022-38053 | 2022-10-11 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-38371 | 2022-10-11 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet)... |
| CVE-2022-39013 | 2022-10-11 | Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading... |
| CVE-2022-39015 | 2022-10-11 | Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted. |
| CVE-2022-39800 | 2022-10-11 | SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the... |
| CVE-2022-39802 | 2022-10-11 | SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow... |
| CVE-2022-39803 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly (.sat, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author... |
| CVE-2022-39804 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Part (.sldprt, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-39805 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Computer Graphics Metafile (.cgm, CgmTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author -... |
| CVE-2022-39806 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Drawing (.slddrw, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-39807 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated SolidWorks Drawing (.sldasm, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9,... |
| CVE-2022-39808 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-40047 | 2022-10-11 | Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php. |
| CVE-2022-40138 | 2022-10-11 | An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only... |
| CVE-2022-40147 | 2022-10-11 | A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate the server certificate when initiating a TLS connection. This could... |
| CVE-2022-40176 | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41),... |
| CVE-2022-40177 | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41),... |
| CVE-2022-40178 | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41),... |
| CVE-2022-40179 | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41),... |
| CVE-2022-40180 | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41),... |
| CVE-2022-40181 | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41),... |
| CVE-2022-40182 | 2022-10-11 | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41),... |
| CVE-2022-40227 | 2022-10-11 | A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4),... |
| CVE-2022-40440 | 2022-10-11 | mxGraph v4.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the setTooltips() function. |
| CVE-2022-40631 | 2022-10-11 | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT... |
| CVE-2022-40777 | 2022-10-11 | Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/... |
| CVE-2022-40921 | 2022-10-11 | DedeCMS V5.7.99 was discovered to contain an arbitrary file upload vulnerability via the component /dede/file_manage_control.php. |
| CVE-2022-41031 | 2022-10-11 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2022-41034 | 2022-10-11 | Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2022-41035 | 2022-10-11 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2022-41036 | 2022-10-11 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-41037 | 2022-10-11 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-41038 | 2022-10-11 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-41042 | 2022-10-11 | Visual Studio Code Information Disclosure Vulnerability |
| CVE-2022-41043 | 2022-10-11 | Microsoft Office Information Disclosure Vulnerability |
| CVE-2022-41081 | 2022-10-11 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-41083 | 2022-10-11 | Visual Studio Code Elevation of Privilege Vulnerability |
| CVE-2022-41166 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9,... |
| CVE-2022-41167 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9,... |
| CVE-2022-41168 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-41169 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9,... |
| CVE-2022-41170 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-41171 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9,... |
| CVE-2022-41172 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9,... |
| CVE-2022-41173 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it... |
| CVE-2022-41174 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Right Hemisphere Material (.rhm, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-41175 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-41176 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9,... |
| CVE-2022-41177 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise... |
| CVE-2022-41178 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author... |
| CVE-2022-41179 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JtTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-41180 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author -... |
| CVE-2022-41181 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-41182 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Parasolid Part and Assembly (.x_b, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author -... |
| CVE-2022-41183 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version... |
| CVE-2022-41184 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author -... |
| CVE-2022-41185 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, MataiPersistence.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author -... |
| CVE-2022-41186 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version... |
| CVE-2022-41187 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version... |
| CVE-2022-41188 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,... |
| CVE-2022-41190 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,... |
| CVE-2022-41192 | 2022-10-11 | Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,... |
| CVE-2022-41193 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -... |
| CVE-2022-41194 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version... |
| CVE-2022-41195 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer... |
| CVE-2022-41196 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version... |
| CVE-2022-41197 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version... |
| CVE-2022-41198 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,... |
| CVE-2022-41200 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -... |
| CVE-2022-42036 | 2022-10-11 | The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. |
| CVE-2022-31765 | 2022-10-11 | Affected devices do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges. |
| CVE-2022-31766 | 2022-10-11 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions <... |
| CVE-2022-3452 | 2022-10-11 | SourceCodester Book Store Management System category.php cross site scripting |
| CVE-2022-3453 | 2022-10-11 | SourceCodester Book Store Management System transcation.php cross site scripting |
| CVE-2022-37599 | 2022-10-11 | A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. |
| CVE-2022-38028 | 2022-10-11 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2022-38044 | 2022-10-11 | Windows CD-ROM File System Driver Remote Code Execution Vulnerability |
| CVE-2022-38138 | 2022-10-11 | The Triangle Microworks IEC 61850 Library (Any client or server using the C language library with a version number of 11.2.0 or earlier and any client or server using the... |
| CVE-2022-38465 | 2022-10-11 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP... |
| CVE-2022-39271 | 2022-10-11 | Traefik HTTP/2 connections management could cause a denial of service |
| CVE-2022-39296 | 2022-10-11 | Path traversal in MelisAssetManager |
| CVE-2022-40226 | 2022-10-11 | A vulnerability has been identified in SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10),... |
| CVE-2022-41032 | 2022-10-11 | NuGet Client Elevation of Privilege Vulnerability |
| CVE-2022-41033 | 2022-10-11 | Windows COM+ Event System Service Elevation of Privilege Vulnerability |
| CVE-2022-41189 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,... |
| CVE-2022-41191 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version... |
| CVE-2022-41199 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -... |
| CVE-2022-41201 | 2022-10-11 | Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -... |