CVE List - 2022 / November
Showing 1801 - 1900 of 2020 CVEs for November 2022 (Page 19 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-45887 | 2022-11-25 | An issue was discovered in the Linux kernel through 6.0.9.... |
| CVE-2022-38377 | 2022-11-25 | An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0... |
| CVE-2022-24999 | 2022-11-26 | qs before 6.10.3, as used in Express before 4.17.3 and... |
| CVE-2022-45907 | 2022-11-26 | In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution... |
| CVE-2022-45908 | 2022-11-26 | In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection... |
| CVE-2022-45909 | 2022-11-26 | drachtio-server before 0.8.19 has a heap-based buffer over-read via a... |
| CVE-2022-45919 | 2022-11-27 | An issue was discovered in the Linux kernel through 6.0.10.... |
| CVE-2022-43705 | 2022-11-27 | In Botan before 2.19.3, it is possible to forge OCSP... |
| CVE-2022-45914 | 2022-11-27 | The ESL (Electronic Shelf Label) protocol, as implemented by (for... |
| CVE-2022-45930 | 2022-11-27 | A SQL injection issue was discovered in AAA in OpenDaylight... |
| CVE-2022-45931 | 2022-11-27 | A SQL injection issue was discovered in AAA in OpenDaylight... |
| CVE-2022-45932 | 2022-11-27 | A SQL injection issue was discovered in AAA in OpenDaylight... |
| CVE-2022-45933 | 2022-11-27 | KubeView through 0.1.31 allows attackers to obtain control of a... |
| CVE-2022-45934 | 2022-11-27 | An issue was discovered in the Linux kernel through 6.0.10.... |
| CVE-2022-24187 | 2022-11-28 | The user_id and device_id on the Ourphoto App version 1.4.1... |
| CVE-2022-24188 | 2022-11-28 | The /device/signin end-point for the Ourphoto App version 1.4.1 discloses... |
| CVE-2022-24189 | 2022-11-28 | The user_token authorization header on the Ourphoto App version 1.4.1... |
| CVE-2022-24190 | 2022-11-28 | The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not... |
| CVE-2022-31877 | 2022-11-28 | An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0... |
| CVE-2022-36193 | 2022-11-28 | SQL injection in School Management System 1.0 allows remote attackers... |
| CVE-2022-38753 | 2022-11-28 | This update resolves a multi-factor authentication bypass attack |
| CVE-2022-38900 | 2022-11-28 | decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in... |
| CVE-2022-4104 | 2022-11-28 | A loop with an unreachable exit condition can be triggered... |
| CVE-2022-4127 | 2022-11-28 | A NULL pointer dereference issue was discovered in the Linux... |
| CVE-2022-4128 | 2022-11-28 | A NULL pointer dereference issue was discovered in the Linux... |
| CVE-2022-4129 | 2022-11-28 | A flaw was found in the Linux kernel's Layer 2... |
| CVE-2022-41912 | 2022-11-28 | crewjam/saml go library is vulnerable to signature bypass via multiple Assertion elements |
| CVE-2022-41921 | 2022-11-28 | Discourse chat messages should have a maximum character limit |
| CVE-2022-41944 | 2022-11-28 | Discourse users can see notifications for topics they no longer have access to |
| CVE-2022-41957 | 2022-11-28 | muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference |
| CVE-2022-41965 | 2022-11-28 | Opencast Authenticated OpenRedirect Vulnerability |
| CVE-2022-44283 | 2022-11-28 | AVS Audio Converter 10.3 is vulnerable to Buffer Overflow. |
| CVE-2022-44284 | 2022-11-28 | Dinstar FXO Analog VoIP Gateway DAG2000-16O is vulnerable to Cross... |
| CVE-2022-44399 | 2022-11-28 | Poultry Farm Management System v1.0 contains a SQL injection vulnerability... |
| CVE-2022-44400 | 2022-11-28 | Purchase Order Management System v1.0 contains a file upload vulnerability... |
| CVE-2022-44401 | 2022-11-28 | Online Tours & Travels Management System v1.0 contains an arbitrary... |
| CVE-2022-44937 | 2022-11-28 | Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2022-45214 | 2022-11-28 | A cross-site scripting (XSS) vulnerability in Sanitization Management System v1.0.0... |
| CVE-2022-45221 | 2022-11-28 | Web-Based Student Clearance System v1.0 was discovered to contain a... |
| CVE-2022-45223 | 2022-11-28 | Web-Based Student Clearance System v1.0 was discovered to contain a... |
| CVE-2022-45224 | 2022-11-28 | Web-Based Student Clearance System v1.0 was discovered to contain a... |
| CVE-2022-45442 | 2022-11-28 | Sinatra vulnerable to Reflected File Download attack |
| CVE-2022-45921 | 2022-11-28 | FusionAuth before 1.41.3 allows a file outside of the application... |
| CVE-2022-45939 | 2022-11-28 | GNU Emacs through 28.2 allows attackers to execute commands via... |
| CVE-2022-46147 | 2022-11-28 | Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields |
| CVE-2022-43588 | 2022-11-28 | A null pointer dereference vulnerability exists in the handle_ioctl_83150 functionality... |
| CVE-2022-43589 | 2022-11-28 | A null pointer dereference vulnerability exists in the handle_ioctl_8314C functionality... |
| CVE-2022-43590 | 2022-11-28 | A null pointer dereference vulnerability exists in the handle_ioctl_0x830a0_systembuffer functionality... |
| CVE-2022-4020 | 2022-11-28 | Acer Aspire BIOS vulnerability |
| CVE-2022-3601 | 2022-11-28 | Image Hover Effects Css3 <= 4.5 - Admin+ Stored XSS |
| CVE-2022-3768 | 2022-11-28 | WPSmartContracts < 1.3.12 - Author+ SQLi |
| CVE-2022-3769 | 2022-11-28 | OWM Weather < 5.6.9 - Contributor+ SQLi |
| CVE-2021-25059 | 2022-11-28 | Download Plugin < 2.0.0 - Subscriber+ Website Download |
| CVE-2022-3689 | 2022-11-28 | HTML Forms < 1.3.25 - Admin+ SQLi |
| CVE-2022-3831 | 2022-11-28 | reCAPTCHA <= 1.6 - Admin+ Stored XSS |
| CVE-2022-3850 | 2022-11-28 | Find and Replace All <= 1.3 - Arbitrary Replacement via CSRF |
| CVE-2022-3610 | 2022-11-28 | Jeeng Push Notifications < 2.0.4 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-2311 | 2022-11-28 | Find and Replace All < 1.3 - Reflected Cross Site Scripting |
| CVE-2022-2983 | 2022-11-28 | Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3828 | 2022-11-28 | Video Thumbnails <= 2.12.3 - Admin+ Stored XSS |
| CVE-2022-3490 | 2022-11-28 | Checkout Field Editor for WooCommerce < 1.8.0 - Admin+ PHP Object Injection |
| CVE-2022-3849 | 2022-11-28 | WP User Merger < 1.5.3 - Admin+ SQLi via user_id |
| CVE-2022-3824 | 2022-11-28 | WP Admin UI Customize < 1.5.13 - Admin+ Stored XSS |
| CVE-2022-3833 | 2022-11-28 | Fancier Author Box by ThematoSoup <= 1.4 - Admin+ Stored XSS |
| CVE-2022-3848 | 2022-11-28 | WP User Merger < 1.5.3 - Admin+ SQLi via wpsu_user_id |
| CVE-2022-3822 | 2022-11-28 | Donations via PayPal < 1.9.9 - Admin+ Stored XSS |
| CVE-2022-3834 | 2022-11-28 | Google Forms <= 0.95 - Admin+ Stored XSS |
| CVE-2022-3603 | 2022-11-28 | Export customers list CSV for WooCommerce < 2.0.69 - CSV Injection |
| CVE-2022-3839 | 2022-11-28 | Analytics for WP <= 1.5.1 - Admin+ Stored XSS |
| CVE-2022-3511 | 2022-11-28 | Awesome Support < 6.1.2 - Subscriber+ Arbitrary Exported Tickets Download |
| CVE-2022-3823 | 2022-11-28 | Beautiful Cookie Consent Banner < 2.9.1 - Admin+ Stored XSS |
| CVE-2022-3847 | 2022-11-28 | Showing URL in QR Code <= 0.0.1 - Stored XSS via CSRF |
| CVE-2022-3865 | 2022-11-28 | WP User Merger < 1.5.3 - Admin+ SQLi via ID |
| CVE-2022-42445 | 2022-11-28 | HCL Launch is vulnerable to Insufficiently Protected LDAP Search Credentials (CVE-2022-42445) |
| CVE-2021-45036 | 2022-11-28 | Velneo vClient improper authentication |
| CVE-2022-41732 | 2022-11-28 | IBM Maximo information disclosure |
| CVE-2022-4169 | 2022-11-28 | The Theme and plugin translation for Polylang is vulnerable to... |
| CVE-2022-34654 | 2022-11-28 | WordPress Manage Notification E-mails Plugin <= 1.8.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-38140 | 2022-11-28 | WordPress SEO Plugin by Squirrly SEO Plugin <= 12.1.10 is vulnerable to Arbitrary File Upload |
| CVE-2022-4174 | 2022-11-29 | Type confusion in V8 in Google Chrome prior to 108.0.5359.71... |
| CVE-2022-4175 | 2022-11-29 | Use after free in Camera Capture in Google Chrome prior... |
| CVE-2022-4176 | 2022-11-29 | Out of bounds write in Lacros Graphics in Google Chrome... |
| CVE-2022-4177 | 2022-11-29 | Use after free in Extensions in Google Chrome prior to... |
| CVE-2022-4178 | 2022-11-29 | Use after free in Mojo in Google Chrome prior to... |
| CVE-2022-4179 | 2022-11-29 | Use after free in Audio in Google Chrome prior to... |
| CVE-2022-4180 | 2022-11-29 | Use after free in Mojo in Google Chrome prior to... |
| CVE-2022-4181 | 2022-11-29 | Use after free in Forms in Google Chrome prior to... |
| CVE-2022-4182 | 2022-11-29 | Inappropriate implementation in Fenced Frames in Google Chrome prior to... |
| CVE-2022-4183 | 2022-11-29 | Insufficient policy enforcement in Popup Blocker in Google Chrome prior... |
| CVE-2022-4184 | 2022-11-29 | Insufficient policy enforcement in Autofill in Google Chrome prior to... |
| CVE-2022-4185 | 2022-11-29 | Inappropriate implementation in Navigation in Google Chrome on iOS prior... |
| CVE-2022-4186 | 2022-11-29 | Insufficient validation of untrusted input in Downloads in Google Chrome... |
| CVE-2022-4187 | 2022-11-29 | Insufficient policy enforcement in DevTools in Google Chrome on Windows... |
| CVE-2022-4188 | 2022-11-29 | Insufficient validation of untrusted input in CORS in Google Chrome... |
| CVE-2022-4189 | 2022-11-29 | Insufficient policy enforcement in DevTools in Google Chrome prior to... |
| CVE-2022-4190 | 2022-11-29 | Insufficient data validation in Directory in Google Chrome prior to... |
| CVE-2022-4191 | 2022-11-29 | Use after free in Sign-In in Google Chrome prior to... |
| CVE-2022-4192 | 2022-11-29 | Use after free in Live Caption in Google Chrome prior... |
| CVE-2022-4193 | 2022-11-29 | Insufficient policy enforcement in File System API in Google Chrome... |
| CVE-2022-4194 | 2022-11-29 | Use after free in Accessibility in Google Chrome prior to... |