CVE List - 2022 / November
Showing 1301 - 1400 of 2020 CVEs for November 2022 (Page 14 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-43781 | 2022-11-17 | There is a command injection vulnerability using environment variables in... |
| CVE-2022-43782 | 2022-11-17 | Affected versions of Atlassian Crowd allow an attacker to authenticate... |
| CVE-2022-40751 | 2022-11-17 | IBM UrbanCode Deploy information disclosure |
| CVE-2022-38390 | 2022-11-17 | Multiple IBM Business Automation Workflow versions are vulnerable to cross-site... |
| CVE-2022-32537 | 2022-11-17 | Medtronic MiniMed 600 Series Pump System Communication Issue |
| CVE-2022-3090 | 2022-11-17 | Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson... |
| CVE-2022-45072 | 2022-11-17 | WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-45071 | 2022-11-17 | WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-38461 | 2022-11-17 | WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability |
| CVE-2022-40200 | 2022-11-17 | WordPress wpForo Forum plugin <= 2.0.9 - Auth. Arbitrary File Upload vulnerability |
| CVE-2021-36905 | 2022-11-17 | WordPress Quiz And Survey Master plugin <= 7.3.4 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-45375 | 2022-11-17 | WordPress iFeature Slider plugin <= 1.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-45066 | 2022-11-17 | WordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerability |
| CVE-2022-36357 | 2022-11-17 | WordPress ULTIMATE TABLES plugin <= 1.6.5 - Unauth. Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-45077 | 2022-11-17 | WordPress Betheme theme <= 26.5.1.4 - Auth. PHP Object Injection vulnerability |
| CVE-2022-41791 | 2022-11-17 | WordPress ProfileGrid plugin <= 5.1.6 - Auth. CSV Injection vulnerability |
| CVE-2022-44591 | 2022-11-17 | WordPress Anthologize plugin <= 0.8.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-41132 | 2022-11-17 | WordPress Ezoic plugin <= 2.8.8 - Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability |
| CVE-2022-41315 | 2022-11-17 | WordPress Ezoic plugin <= 2.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-40192 | 2022-11-17 | WordPress wpForo Forum plugin <= 2.0.9 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-44736 | 2022-11-17 | WordPress Chameleon plugin <= 1.4.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-40694 | 2022-11-17 | WordPress News Announcement Scroll plugin <= 8.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-45069 | 2022-11-17 | WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability |
| CVE-2022-36787 | 2022-11-17 | webvendome - webvendome SQL Injection |
| CVE-2022-36784 | 2022-11-17 | Elsight – Elsight Halo Remote Code Execution (RCE) |
| CVE-2022-39181 | 2022-11-17 | GLPI - Reports plugin for GLPI Reflected Cross-Site-Scripting (RXSS) |
| CVE-2022-39180 | 2022-11-17 | College Management System v1.0 - SQL Injection (SQLi) |
| CVE-2022-39178 | 2022-11-17 | Webvendome - webvendome Internal Server IP Disclosure |
| CVE-2022-39179 | 2022-11-17 | College Management System v1.0 - Authenticated remote code execution |
| CVE-2022-36785 | 2022-11-17 | D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. |
| CVE-2022-28768 | 2022-11-17 | Local Privilege Escalation in Zoom Client Installer for macOS |
| CVE-2022-28766 | 2022-11-17 | DLL injection in Zoom Windows Clients |
| CVE-2022-36924 | 2022-11-17 | Local Privilege Escalation in Zoom Rooms Installer for Windows |
| CVE-2022-43447 | 2022-11-17 | Delta Electronics DIAEnergie SQL Injection |
| CVE-2022-43457 | 2022-11-17 | Delta Electronics DIAEnergie SQL Injection |
| CVE-2022-43452 | 2022-11-17 | Delta Electronics DIAEnergie SQL Injection |
| CVE-2022-41775 | 2022-11-17 | Delta Electronics DIAEnergie SQL Injection |
| CVE-2022-43506 | 2022-11-17 | Delta Electronics DIAEnergie SQL Injection |
| CVE-2022-24939 | 2022-11-17 | Malformed Zigbee packet with invalid destination address causes Assert |
| CVE-2021-33621 | 2022-11-18 | The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x... |
| CVE-2021-22141 | 2022-11-18 | An open redirect flaw was found in Kibana versions before... |
| CVE-2021-31739 | 2022-11-18 | The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability... |
| CVE-2021-37936 | 2022-11-18 | It was discovered that Kibana was not sanitizing document fields... |
| CVE-2022-30256 | 2022-11-18 | An issue was discovered in MaraDNS Deadwood through 3.5.0021 that... |
| CVE-2022-31606 | 2022-11-18 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2022-31607 | 2022-11-18 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2022-31608 | 2022-11-18 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2022-31610 | 2022-11-18 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2022-31612 | 2022-11-18 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2022-31613 | 2022-11-18 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2022-31615 | 2022-11-18 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2022-31616 | 2022-11-18 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2022-31617 | 2022-11-18 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2022-31694 | 2022-11-18 | InstallBuilder Qt installers built with versions previous to 22.10 try... |
| CVE-2022-34665 | 2022-11-18 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2022-34667 | 2022-11-18 | NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability... |
| CVE-2022-34827 | 2022-11-18 | Carel Boss Mini 1.5.0 has Improper Access Control. |
| CVE-2022-37197 | 2022-11-18 | IOBit IOTransfer V4 is vulnerable to Unquoted Service Path. |
| CVE-2022-38871 | 2022-11-18 | In Free5gc v3.0.5, the AMF breaks due to malformed NAS... |
| CVE-2022-4055 | 2022-11-18 | When xdg-mail is configured to use thunderbird for mailto URLs,... |
| CVE-2022-41880 | 2022-11-18 | ThreadUnsafeUnigramCandidateSampler Heap out of bounds in Tensorflow |
| CVE-2022-41883 | 2022-11-18 | Out of bounds segmentation fault due to unequal op inputs in Tensorflow |
| CVE-2022-41884 | 2022-11-18 | Seg fault in `ndarray_tensor_bridge` due to zero and large inputs in Tensorflow |
| CVE-2022-41885 | 2022-11-18 | Overflow in `FusedResizeAndPadConv2D` in Tensorflow |
| CVE-2022-41886 | 2022-11-18 | Overflow in `ImageProjectiveTransformV2` in Tensorflow |
| CVE-2022-41887 | 2022-11-18 | Overflow in `tf.keras.losses.poisson` in Tensorflow |
| CVE-2022-41888 | 2022-11-18 | Unckecked rank size in `tf.image.generate_bounding_box_proposals` in Tensorflow |
| CVE-2022-41889 | 2022-11-18 | Segfault via invalid attributes in `pywrap_tfe_src.cc` in Tensorflow |
| CVE-2022-41890 | 2022-11-18 | `CHECK` fail in `BCast` overflow in Tensorflow |
| CVE-2022-41891 | 2022-11-18 | Segfault in `tf.raw_ops.TensorListConcat` in Tensorflow |
| CVE-2022-41893 | 2022-11-18 | `CHECK_EQ` fail in `tf.raw_ops.TensorListResize` in Tensorflow |
| CVE-2022-41894 | 2022-11-18 | Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite |
| CVE-2022-41895 | 2022-11-18 | `MirrorPadGrad` heap out of bounds read in Tensorflow |
| CVE-2022-41896 | 2022-11-18 | `tf.raw_ops.Mfcc` crashes in Tensorflow |
| CVE-2022-41897 | 2022-11-18 | `FractionalMaxPoolGrad` Heap out of bounds read in Tensorflow |
| CVE-2022-41898 | 2022-11-18 | `CHECK` fail via inputs in `SparseFillEmptyRowsGrad` in Tensorflow |
| CVE-2022-41899 | 2022-11-18 | `CHECK` fail via inputs in `SdcaOptimizer` in Tensorflow |
| CVE-2022-41900 | 2022-11-18 | FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess in Tensorflow |
| CVE-2022-41901 | 2022-11-18 | `CHECK_EQ` fail via input in `SparseMatrixNNZ` in Tensorflow |
| CVE-2022-41907 | 2022-11-18 | Overflow in `ResizeNearestNeighborGrad` in Tensorflow |
| CVE-2022-41908 | 2022-11-18 | `CHECK` fail via inputs in `PyFunc` in Tensorflow |
| CVE-2022-41909 | 2022-11-18 | Segfault in `CompositeTensorVariantToComponents` in Tensorflow |
| CVE-2022-41911 | 2022-11-18 | Invalid char to bool conversion when printing a tensor in Tensorflow |
| CVE-2022-42904 | 2022-11-18 | Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users... |
| CVE-2022-43308 | 2022-11-18 | INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily... |
| CVE-2022-43673 | 2022-11-18 | Wire through 3.22.3993 on Windows advertises deletion of sent messages;... |
| CVE-2022-44204 | 2022-11-18 | D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow. |
| CVE-2022-44378 | 2022-11-18 | Automotive Shop Management System v1.0 is vulnerable to SQL via... |
| CVE-2022-44379 | 2022-11-18 | Automotive Shop Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44413 | 2022-11-18 | Automotive Shop Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44414 | 2022-11-18 | Automotive Shop Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44415 | 2022-11-18 | Automotive Shop Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44641 | 2022-11-18 | In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with... |
| CVE-2022-44820 | 2022-11-18 | Automotive Shop Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-45132 | 2022-11-18 | In Linaro Automated Validation Architecture (LAVA) before 2022.11.1, remote code... |
| CVE-2022-45163 | 2022-11-18 | An information-disclosure vulnerability exists on select NXP devices when configured... |
| CVE-2022-45473 | 2022-11-18 | In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has... |
| CVE-2022-45474 | 2022-11-18 | drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request. |
| CVE-2022-24037 | 2022-11-18 | Unauthorized modification in Karmasis Informatics Infraskope SIEM+ |
| CVE-2022-24038 | 2022-11-18 | Unauthorized modification in Karmasis Informatics Infraskope SIEM+ |