CVE List - 2022 / November
Showing 1001 - 1100 of 2020 CVEs for November 2022 (Page 11 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-3976 | 2022-11-13 | MZ Automation libiec61850 MMS File Services mms_client_files.c path traversal |
| CVE-2022-3978 | 2022-11-13 | NodeBB abort cross-site request forgery |
| CVE-2022-40735 | 2022-11-14 | The Diffie-Hellman Key Agreement Protocol allows use of long exponents... |
| CVE-2022-43688 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-44390 | 2022-11-14 | A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers... |
| CVE-2022-45136 | 2022-11-14 | Apache Jena SDB allows arbitrary deserialisation via JDBC |
| CVE-2022-45183 | 2022-11-14 | Escalation of privileges in the Web Server in Ironman Software... |
| CVE-2022-45184 | 2022-11-14 | The Web Server in Ironman Software PowerShell Universal v3.x and... |
| CVE-2022-45198 | 2022-11-14 | Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF... |
| CVE-2022-45199 | 2022-11-14 | Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. |
| CVE-2022-45378 | 2022-11-14 | Apache SOAP allows unauthenticated users to potentially invoke arbitrary code |
| CVE-2021-38827 | 2022-11-14 | Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. |
| CVE-2021-38828 | 2022-11-14 | Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to plain-text traffic sniffing. |
| CVE-2021-40272 | 2022-11-14 | OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to... |
| CVE-2022-2449 | 2022-11-14 | reSmush.it Image Optimizer < 0.4.7 - Multiple CSRF |
| CVE-2022-2450 | 2022-11-14 | reSmush.it Image Optimizer < 0.4.4 - Subscriber+ AJAX Calls |
| CVE-2022-27949 | 2022-11-14 | Apache Airflow prior to 2.3.1 may include sensitive values in rendered template |
| CVE-2022-30773 | 2022-11-14 | DMA attacks on the parameter buffer used by the IhisiSmm... |
| CVE-2022-30774 | 2022-11-14 | DMA attacks on the parameter buffer used by the PnpSmm... |
| CVE-2022-31243 | 2022-11-14 | Update description and links DMA transactions which are targeted at... |
| CVE-2022-32266 | 2022-11-14 | DMA attacks on the parameter buffer used by a software... |
| CVE-2022-32267 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-3238 | 2022-11-14 | A double-free flaw was found in the Linux kernel’s NTFS3... |
| CVE-2022-3362 | 2022-11-14 | Insufficient Session Expiration in ikus060/rdiffweb |
| CVE-2022-33905 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33906 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33907 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33908 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33909 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33982 | 2022-11-14 | DMA attacks on the parameter buffer used by the Int15ServiceSmm... |
| CVE-2022-33983 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33984 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33985 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-33986 | 2022-11-14 | DMA attacks on the parameter buffer used by the VariableRuntimeDxe... |
| CVE-2022-3415 | 2022-11-14 | Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2022-34325 | 2022-11-14 | DMA transactions which are targeted at input buffers used for... |
| CVE-2022-3469 | 2022-11-14 | WP Attachments < 5.0.5 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3477 | 2022-11-14 | tagDiv Composer < 3.5 - Unauthenticated Account Takeover |
| CVE-2022-3484 | 2022-11-14 | WPB Show Core - Reflected Cross-Site Scripting |
| CVE-2022-3538 | 2022-11-14 | Webmaster Tools Verification <= 1.2 - Unauthenticated Arbitrary Plugin Deactivation |
| CVE-2022-3539 | 2022-11-14 | Testimonials (Free < 2.7, Pro < 1.0.8) - Admin+ Stored Cross-Site Scripting |
| CVE-2022-35613 | 2022-11-14 | Konker v2.3.9 was to discovered to contain a Cross-Site Request... |
| CVE-2022-3574 | 2022-11-14 | WPForms Pro < 1.7.7 - CSV Injection |
| CVE-2022-3578 | 2022-11-14 | ProfileGrid < 5.1.1 - Reflected Cross-Site Scripting |
| CVE-2022-3631 | 2022-11-14 | OAuth Client by DigitialPixies <= 1.1.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-3632 | 2022-11-14 | OAuth Client by DigitialPixies <= 1.1.0 - CSRF |
| CVE-2022-37109 | 2022-11-14 | patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable... |
| CVE-2022-37290 | 2022-11-14 | GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename... |
| CVE-2022-38167 | 2022-11-14 | The Nintex Workflow plugin 5.2.2.30 for SharePoint allows XSS. |
| CVE-2022-3903 | 2022-11-14 | An incorrect read request flaw was found in the Infrared... |
| CVE-2022-39385 | 2022-11-14 | Users erroneously and transparently added to private messages in Discourse |
| CVE-2022-3988 | 2022-11-14 | Frappe Search navbar_search.html cross site scripting |
| CVE-2022-3992 | 2022-11-14 | SourceCodester Sanitization Management System Banner Image cross site scripting |
| CVE-2022-3993 | 2022-11-14 | Improper Restriction of Excessive Authentication Attempts in kareadita/kavita |
| CVE-2022-40127 | 2022-11-14 | Apache Airflow <2.4.0 has an RCE in a bash example |
| CVE-2022-40405 | 2022-11-14 | WoWonder Social Network Platform v4.1.2 was discovered to contain a... |
| CVE-2022-40903 | 2022-11-14 | Aiphone GT-DMB-N 3-in-1 Video Entrance Station with NFC Reader 1.0.3... |
| CVE-2022-41913 | 2022-11-14 | Discourse-calendar exposes members of hidden groups |
| CVE-2022-42110 | 2022-11-14 | A Cross-site scripting (XSS) vulnerability in the Announcements module in... |
| CVE-2022-42984 | 2022-11-14 | WoWonder Social Network Platform 4.1.4 was discovered to contain a... |
| CVE-2022-43030 | 2022-11-14 | Siyucms v6.1.7 was discovered to contain a remote code execution... |
| CVE-2022-43146 | 2022-11-14 | An arbitrary file upload vulnerability in the image upload function... |
| CVE-2022-43288 | 2022-11-14 | Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-43294 | 2022-11-14 | Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack... |
| CVE-2022-43295 | 2022-11-14 | XPDF v4.04 was discovered to contain a stack overflow via... |
| CVE-2022-43323 | 2022-11-14 | EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2022-43342 | 2022-11-14 | A stored cross-site scripting (XSS) vulnerability in the Add function... |
| CVE-2022-43686 | 2022-11-14 | In Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0... |
| CVE-2022-43687 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43689 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43690 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43691 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43692 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43693 | 2022-11-14 | Concrete CMS is vulnerable to CSRF due to the lack... |
| CVE-2022-43694 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43695 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43967 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-43968 | 2022-11-14 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and... |
| CVE-2022-44387 | 2022-11-14 | EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2022-44389 | 2022-11-14 | EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2022-31630 | 2022-11-14 | OOB read due to insufficient input validation in imageloadfont() |
| CVE-2022-0324 | 2022-11-14 | Buffer Overflow in Dhcp6relay in Software for Open Networking in the Cloud (SONiC) |
| CVE-2022-35719 | 2022-11-14 | IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD... |
| CVE-2022-0137 | 2022-11-14 | A heap buffer overflow in image_set_mask function of HTMLDOC before... |
| CVE-2022-34313 | 2022-11-14 | IBM CICS TX Standard is vulnerable to allowing attackers access to an application via insecure session cookies |
| CVE-2022-24937 | 2022-11-14 | Malformed Zigbee packet causes Assert in EmberZNet 7.0.0 or earlier |
| CVE-2022-34319 | 2022-11-14 | IBM CICS TX information disclosure |
| CVE-2022-34329 | 2022-11-14 | IBM CICS TX information disclosure |
| CVE-2022-24938 | 2022-11-14 | Malformed Zigbee packet causes Assert in EmberZNet 7.0.1 or earlier |
| CVE-2022-34312 | 2022-11-14 | IBM CICS TX information disclosure |
| CVE-2022-38705 | 2022-11-14 | IBM CICS TX phishing |
| CVE-2022-34315 | 2022-11-14 | IBM CICS TX cross-site scripting |
| CVE-2022-34314 | 2022-11-14 | IBM CICS TX 11.1 could disclose sensitive information to a... |
| CVE-2022-34316 | 2022-11-14 | IBM CICS TX information disclosure |
| CVE-2022-34318 | 2022-11-14 | IBM CICS TX clickjacking |
| CVE-2022-34317 | 2022-11-14 | IBM CICS TX cross-site scripting |
| CVE-2022-34320 | 2022-11-14 | IBM CICS TX information disclosure |
| CVE-2022-28764 | 2022-11-14 | Local information exposure in Zoom Clients |
| CVE-2022-27896 | 2022-11-14 | The Foundry Code-Workbooks service was found to contain an issue leading to information disclosure. |
| CVE-2022-40843 | 2022-11-15 | The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper... |