CVE List - 2022 / November
Showing 1901 - 2000 of 2020 CVEs for November 2022 (Page 20 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-4195 | 2022-11-29 | Insufficient policy enforcement in Safe Browsing in Google Chrome prior... |
| CVE-2022-46146 | 2022-11-29 | Prometheus Exporter Toolkit vulnerable to basic authentication bypass |
| CVE-2021-31693 | 2022-11-29 | The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows... |
| CVE-2022-3086 | 2022-11-29 | Cradlepoint IBR600 Command Injection |
| CVE-2022-36136 | 2022-11-29 | ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to... |
| CVE-2022-36137 | 2022-11-29 | ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to... |
| CVE-2022-36433 | 2022-11-29 | The blog-post creation functionality in the Amasty Blog Pro 2.10.3... |
| CVE-2022-3751 | 2022-11-29 | SQL Injection in owncast/owncast |
| CVE-2022-40799 | 2022-11-29 | Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <=... |
| CVE-2022-4144 | 2022-11-29 | An out-of-bounds read flaw was found in the QXL display... |
| CVE-2022-41568 | 2022-11-29 | LINE client for iOS before 12.17.0 might be crashed by... |
| CVE-2022-4172 | 2022-11-29 | An integer overflow and buffer overflow issues were found in... |
| CVE-2022-4202 | 2022-11-29 | GPAC lsr_dec.c lsr_translate_coords integer overflow |
| CVE-2022-42099 | 2022-11-29 | KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers... |
| CVE-2022-42100 | 2022-11-29 | KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers... |
| CVE-2022-42109 | 2022-11-29 | Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-43326 | 2022-11-29 | An Insecure Direct Object Reference (IDOR) vulnerability in the password... |
| CVE-2022-44037 | 2022-11-29 | An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C)... |
| CVE-2022-44038 | 2022-11-29 | Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remote... |
| CVE-2022-44279 | 2022-11-29 | Garage Management System v1.0 is vulnerable to Cross Site Scripting... |
| CVE-2022-44354 | 2022-11-29 | SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File... |
| CVE-2022-44355 | 2022-11-29 | SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via... |
| CVE-2022-44356 | 2022-11-29 | WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325... |
| CVE-2022-44635 | 2022-11-29 | Apache Fineract allowed an authenticated user to perform remote code execution due to path traversal |
| CVE-2022-45202 | 2022-11-29 | GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via... |
| CVE-2022-45204 | 2022-11-29 | GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via... |
| CVE-2022-45301 | 2022-11-29 | Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants... |
| CVE-2022-45304 | 2022-11-29 | Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants... |
| CVE-2022-45305 | 2022-11-29 | Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants... |
| CVE-2022-45306 | 2022-11-29 | Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants... |
| CVE-2022-45307 | 2022-11-29 | Insecure permissions in Chocolatey PHP package v8.1.12 and below grants... |
| CVE-2022-45329 | 2022-11-29 | AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability... |
| CVE-2022-45343 | 2022-11-29 | GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via... |
| CVE-2022-46148 | 2022-11-29 | Discourse allows self-XSS through malicious composer message |
| CVE-2022-46150 | 2022-11-29 | Discourse may allow exposure of hidden tags in the subject of notification emails |
| CVE-2022-46152 | 2022-11-29 | OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function |
| CVE-2022-46155 | 2022-11-29 | Airtable.js credentials exposed in browser builds |
| CVE-2022-32966 | 2022-11-29 | Realtek RTL8111FP-CG - Missing Authorization |
| CVE-2022-32967 | 2022-11-29 | Realtek RTL8111EP-CG/RTL8111FP-CG - Use of Hard-coded Credentials |
| CVE-2022-41675 | 2022-11-29 | TEAM JOHNLONG SOFTWARE CO., LTD. MAILD Mail Server - Formula Injection |
| CVE-2022-41676 | 2022-11-29 | TEAM JOHNLONG SOFTWARE CO., LTD. MAILD Mail Server - Cross-Site Scripting |
| CVE-2022-25848 | 2022-11-29 | Directory Traversal |
| CVE-2022-21126 | 2022-11-29 | Creation of Temporary File in Directory with Insecure Permissions |
| CVE-2022-4027 | 2022-11-29 | The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2022-4028 | 2022-11-29 | The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2022-4029 | 2022-11-29 | The Simple:Press plugin for WordPress is vulnerable to Reflected Cross-Site... |
| CVE-2022-4030 | 2022-11-29 | The Simple:Press plugin for WordPress is vulnerable to Path Traversal... |
| CVE-2022-4031 | 2022-11-29 | The Simple:Press plugin for WordPress is vulnerable to arbitrary file... |
| CVE-2022-4032 | 2022-11-29 | The Quiz and Survey Master plugin for WordPress is vulnerable... |
| CVE-2022-4033 | 2022-11-29 | The Quiz and Survey Master plugin for WordPress is vulnerable... |
| CVE-2022-4034 | 2022-11-29 | The Appointment Hour Booking Plugin for WordPress is vulnerable to... |
| CVE-2022-4035 | 2022-11-29 | The Appointment Hour Booking plugin for WordPress is vulnerable to... |
| CVE-2022-4036 | 2022-11-29 | The Appointment Hour Booking plugin for WordPress is vulnerable to... |
| CVE-2022-3361 | 2022-11-29 | The Ultimate Member plugin for WordPress is vulnerable to directory... |
| CVE-2022-3384 | 2022-11-29 | The Ultimate Member plugin for WordPress is vulnerable to Remote... |
| CVE-2022-3383 | 2022-11-29 | The Ultimate Member plugin for WordPress is vulnerable to Remote... |
| CVE-2022-3747 | 2022-11-29 | The Becustom plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2022-3896 | 2022-11-29 | The WP Affiliate Platform plugin for WordPress is vulnerable to... |
| CVE-2022-3897 | 2022-11-29 | The WP Affiliate Platform plugin for WordPress is vulnerable to... |
| CVE-2022-3898 | 2022-11-29 | The WP Affiliate Platform plugin for WordPress is vulnerable to... |
| CVE-2022-3995 | 2022-11-29 | The TeraWallet plugin for WordPress is vulnerable to Insecure Direct... |
| CVE-2022-3991 | 2022-11-29 | The Photospace Gallery plugin for WordPress is vulnerable to Stored... |
| CVE-2022-36960 | 2022-11-29 | SolarWinds Platform Improper Input Validation |
| CVE-2022-36962 | 2022-11-29 | SolarWinds Platform Command Injection |
| CVE-2022-36964 | 2022-11-29 | SolarWinds Platform Deserialization of Untrusted Data |
| CVE-2022-4228 | 2022-11-30 | SourceCodester Book Store Management System information disclosure |
| CVE-2022-4232 | 2022-11-30 | SourceCodester Event Registration System unrestricted upload |
| CVE-2021-31740 | 2022-11-30 | SEPPMail's web frontend, user input is not embedded correctly in... |
| CVE-2021-4242 | 2022-11-30 | Sapido BR270n/BRC76n/GR297/RB1732 syscmd.htm os command injection |
| CVE-2022-22984 | 2022-11-30 | Command Injection |
| CVE-2022-23746 | 2022-11-30 | The IPsec VPN blade has a dedicated portal for downloading... |
| CVE-2022-24441 | 2022-11-30 | Code Injection |
| CVE-2022-38801 | 2022-11-30 | In Zkteco BioTime < 8.5.3 Build:20200816.447, an employee can hijack... |
| CVE-2022-38802 | 2022-11-30 | Zkteco BioTime < 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access... |
| CVE-2022-38803 | 2022-11-30 | Zkteco BioTime < 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access... |
| CVE-2022-41412 | 2022-11-30 | An issue in the graphData.cgi component of perfSONAR v4.4.5 and... |
| CVE-2022-41413 | 2022-11-30 | perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site... |
| CVE-2022-4222 | 2022-11-30 | SourceCodester Canteen Management System POST Request ajax_invoice.php query sql injection |
| CVE-2022-4229 | 2022-11-30 | SourceCodester Book Store Management System index.php access control |
| CVE-2022-4231 | 2022-11-30 | Tribal Systems Zenario CMS Remember Me session fixiation |
| CVE-2022-4233 | 2022-11-30 | SourceCodester Event Registration System cross site scripting |
| CVE-2022-4234 | 2022-11-30 | SourceCodester Canteen Management System brand.php builtin_echo cross site scripting |
| CVE-2022-44096 | 2022-11-30 | Sanitization Management System v1.0 was discovered to contain hardcoded credentials... |
| CVE-2022-44097 | 2022-11-30 | Book Store Management System v1.0 was discovered to contain hardcoded... |
| CVE-2022-44136 | 2022-11-30 | Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE). |
| CVE-2022-44151 | 2022-11-30 | Simple Inventory Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44294 | 2022-11-30 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44295 | 2022-11-30 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44296 | 2022-11-30 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-45328 | 2022-11-30 | Church Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-45332 | 2022-11-30 | LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow... |
| CVE-2022-45337 | 2022-11-30 | Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack... |
| CVE-2022-45869 | 2022-11-30 | A race condition in the x86 KVM subsystem in the... |
| CVE-2022-46149 | 2022-11-30 | Cap'n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list. |
| CVE-2022-46156 | 2022-11-30 | Grafana's default installation of `synthetic-monitoring-agent` exposes sensitive information |
| CVE-2022-46162 | 2022-11-30 | Discourse BBCode plugin vulnerable to arbitrary CSS injection |
| CVE-2022-46338 | 2022-11-30 | g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards,... |
| CVE-2022-40265 | 2022-11-30 | Denial of Service (DoS) Vulnerability in MELSEC iQ-R Series Ethernet Interface Module |
| CVE-2022-3859 | 2022-11-30 | An uncontrolled search path vulnerability exists in Trellix Agent (TA)... |
| CVE-2022-26366 | 2022-11-30 | WordPress AdRotate Banner Manager Plugin <= 5.9 is vulnerable to Cross Site Request Forgery (CSRF) |