CVE List - 2022 / November
Showing 1201 - 1300 of 2020 CVEs for November 2022 (Page 13 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-41814 | 2022-11-15 | Potential XSS in history view |
| CVE-2022-42000 | 2022-11-15 | Potential XSS in comment section |
| CVE-2022-42001 | 2022-11-15 | Potential XSS in book navigation |
| CVE-2022-43780 | 2022-11-15 | Certain HP ENVY, OfficeJet, and DeskJet printers may be vulnerable... |
| CVE-2022-41558 | 2022-11-15 | TIBCO Spotfire Stored Cross Site Scripting (XSS) Vulnerability |
| CVE-2022-27895 | 2022-11-15 | A component in Foundry logging was found to be capturing sensitive information in logs. |
| CVE-2022-3920 | 2022-11-15 | Consul Peering Imported Nodes/Services Leak |
| CVE-2022-39316 | 2022-11-16 | Out of bound read in FreeRDP |
| CVE-2022-39318 | 2022-11-16 | Division by zero in urbdrc channel in FreeRDP |
| CVE-2022-39319 | 2022-11-16 | Missing length validation in urbdrc channel in FreeRDP |
| CVE-2022-39320 | 2022-11-16 | Heap buffer overflow in urbdrc channel |
| CVE-2022-39347 | 2022-11-16 | Missing path sanitation with `drive` channel in FreeRDP |
| CVE-2022-4014 | 2022-11-16 | FeehiCMS Post My Comment Tab cross-site request forgery |
| CVE-2022-4015 | 2022-11-16 | Sports Club Management System make_payments.php sql injection |
| CVE-2022-41877 | 2022-11-16 | Missing input length validation in `drive` channel in FreeRDP |
| CVE-2022-43262 | 2022-11-16 | Human Resource Management System v1.0 was discovered to contain a... |
| CVE-2022-45047 | 2022-11-16 | Apache MINA SSHD: Java unsafe deserialization vulnerability |
| CVE-2021-38819 | 2022-11-16 | A SQL injection vulnerability exits on the Simple Image Gallery... |
| CVE-2022-2166 | 2022-11-16 | Improper Restriction of Excessive Authentication Attempts in mastodon/mastodon |
| CVE-2022-39317 | 2022-11-16 | Out of bounds read in zgfx decoder in FreeRDP |
| CVE-2022-39383 | 2022-11-16 | SSRF vulnerability in KubeVela VelaUX APIServer |
| CVE-2022-3980 | 2022-11-16 | An XML External Entity (XEE) vulnerability allows server-side request forgery... |
| CVE-2022-4011 | 2022-11-16 | Simple History Plugin Header neutralization for logs |
| CVE-2022-4012 | 2022-11-16 | Hospital Management Center patient-info.php sql injection |
| CVE-2022-4013 | 2022-11-16 | Hospital Management Center appointment.php cross-site request forgery |
| CVE-2022-4018 | 2022-11-16 | Missing Authentication for Critical Function in ikus060/rdiffweb |
| CVE-2022-40752 | 2022-11-16 | IBM InfoSphere DataStage 11.7 is vulnerable to a command injection... |
| CVE-2022-41914 | 2022-11-16 | Non-constant-time SCIM token comparison in Zulip Server |
| CVE-2022-42960 | 2022-11-16 | EqualWeb Accessibility Widget 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.10, 3.0.0,... |
| CVE-2022-43135 | 2022-11-16 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43234 | 2022-11-16 | An arbitrary file upload vulnerability in the /attachments component of... |
| CVE-2022-43256 | 2022-11-16 | SeaCms before v12.6 was discovered to contain a SQL injection... |
| CVE-2022-43263 | 2022-11-16 | A cross-site scripting (XSS) vulnerability in Arobas Music Guitar Pro... |
| CVE-2022-43264 | 2022-11-16 | Arobas Music Guitar Pro for iPad and iPhone before v1.10.2... |
| CVE-2022-43999 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44000 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44002 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44003 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44004 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44005 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44006 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44007 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44008 | 2022-11-16 | An issue was discovered in BACKCLICK Professional 5.9.63. Due to... |
| CVE-2022-44069 | 2022-11-16 | Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2022-44070 | 2022-11-16 | Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2022-44071 | 2022-11-16 | Zenario CMS 9.3.57186 is is vulnerable to Cross Site Scripting... |
| CVE-2022-44073 | 2022-11-16 | Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2022-24036 | 2022-11-16 | Unauthorized modification in Karmasis Informatics Infraskope SIEM+ |
| CVE-2022-4021 | 2022-11-16 | The Permalink Manager Lite plugin for WordPress is vulnerable to... |
| CVE-2022-4022 | 2022-11-16 | The SVG Support plugin for WordPress defaults to insecure settings... |
| CVE-2022-34354 | 2022-11-16 | IBM Sterling Partner Engagement Manager information disclosure |
| CVE-2021-31608 | 2022-11-17 | Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a... |
| CVE-2021-33897 | 2022-11-17 | A buffer overflow in Synthesia before 10.7.5567, when a non-Latin... |
| CVE-2022-20427 | 2022-11-17 | In (TBD) of (TBD), there is a possible way to... |
| CVE-2022-20428 | 2022-11-17 | In (TBD) of (TBD), there is a possible out of... |
| CVE-2022-20459 | 2022-11-17 | In (TBD) of (TBD), there is a possible way to... |
| CVE-2022-20460 | 2022-11-17 | In (TBD) mprot_unmap? of (TBD), there is a possible way... |
| CVE-2022-23748 | 2022-11-17 | mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies... |
| CVE-2022-36432 | 2022-11-17 | The Preview functionality in the Amasty Blog Pro 2.10.3 plugin... |
| CVE-2022-36786 | 2022-11-17 | DLINK - DSL-224 Post-auth RCE. |
| CVE-2022-38165 | 2022-11-17 | Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows... |
| CVE-2022-39389 | 2022-11-17 | Witness Block Parsing DoS Vulnerability in lnd |
| CVE-2022-39834 | 2022-11-17 | A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey... |
| CVE-2022-4051 | 2022-11-17 | Hostel Searching Project view-property.php sql injection |
| CVE-2022-4052 | 2022-11-17 | Student Attendance Management System createClass.php sql injection |
| CVE-2022-4053 | 2022-11-17 | Student Attendance Management System createClass.php cross site scripting |
| CVE-2022-40881 | 2022-11-17 | SolarView Compact 6.00 was discovered to contain a command injection... |
| CVE-2022-41920 | 2022-11-17 | Zip slip in Lancet |
| CVE-2022-42187 | 2022-11-17 | Hustoj 22.09.22 has a XSS Vulnerability in /admin/problem_judge.php. |
| CVE-2022-42245 | 2022-11-17 | Dreamer CMS 4.0.01 is vulnerable to SQL Injection. |
| CVE-2022-42246 | 2022-11-17 | Doufox 0.0.4 contains a CSRF vulnerability that can add system... |
| CVE-2022-42533 | 2022-11-17 | In shared_metadata_init of SharedMetadata.cpp, there is a possible out of... |
| CVE-2022-42732 | 2022-11-17 | A vulnerability has been identified in syngo Dynamics (All versions... |
| CVE-2022-42733 | 2022-11-17 | A vulnerability has been identified in syngo Dynamics (All versions... |
| CVE-2022-42734 | 2022-11-17 | A vulnerability has been identified in syngo Dynamics (All versions... |
| CVE-2022-42891 | 2022-11-17 | A vulnerability has been identified in syngo Dynamics (All versions... |
| CVE-2022-42892 | 2022-11-17 | A vulnerability has been identified in syngo Dynamics (All versions... |
| CVE-2022-42893 | 2022-11-17 | A vulnerability has been identified in syngo Dynamics (All versions... |
| CVE-2022-42894 | 2022-11-17 | A vulnerability has been identified in syngo Dynamics (All versions... |
| CVE-2022-42903 | 2022-11-17 | Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to... |
| CVE-2022-42954 | 2022-11-17 | Keyfactor EJBCA before 7.10.0 allows XSS. |
| CVE-2022-42982 | 2022-11-17 | BKG Professional NtripCaster 2.0.39 allows querying information over the UDP... |
| CVE-2022-42985 | 2022-11-17 | The ScratchLogin extension through 1.1 for MediaWiki does not escape... |
| CVE-2022-43096 | 2022-11-17 | Mediatrix 4102 before v48.5.2718 allows local attackers to gain root... |
| CVE-2022-43138 | 2022-11-17 | Dolibarr Open Source ERP & CRM for Business before v14.0.1... |
| CVE-2022-43140 | 2022-11-17 | kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery... |
| CVE-2022-43142 | 2022-11-17 | A cross-site scripting (XSS) vulnerability in the add-fee.php component of... |
| CVE-2022-43162 | 2022-11-17 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43163 | 2022-11-17 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43171 | 2022-11-17 | A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF... |
| CVE-2022-43179 | 2022-11-17 | Online Leave Management System v1.0 was discovered to contain a... |
| CVE-2022-43183 | 2022-11-17 | XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via... |
| CVE-2022-43192 | 2022-11-17 | An arbitrary file upload vulnerability in the component /dede/file_manage_control.php of... |
| CVE-2022-43332 | 2022-11-17 | A cross-site scripting (XSS) vulnerability in Wondercms v3.3.4 allows attackers... |
| CVE-2022-44001 | 2022-11-17 | An issue was discovered in BACKCLICK Professional 5.9.63. User authentication... |
| CVE-2022-44384 | 2022-11-17 | An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers... |
| CVE-2022-44402 | 2022-11-17 | Automotive Shop Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44403 | 2022-11-17 | Automotive Shop Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44725 | 2022-11-17 | OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a... |
| CVE-2022-45461 | 2022-11-17 | The Java Admin Console in Veritas NetBackup through 10.1 and... |