CVE List - 2022 / November
Showing 1601 - 1700 of 2020 CVEs for November 2022 (Page 17 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-44191 | 2022-11-22 | Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters... |
| CVE-2022-44193 | 2022-11-22 | Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd... |
| CVE-2022-44194 | 2022-11-22 | Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters... |
| CVE-2022-44196 | 2022-11-22 | Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter... |
| CVE-2022-44197 | 2022-11-22 | Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter... |
| CVE-2022-44198 | 2022-11-22 | Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter... |
| CVE-2022-44199 | 2022-11-22 | Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter... |
| CVE-2022-44200 | 2022-11-22 | Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via... |
| CVE-2022-44201 | 2022-11-22 | D-Link DIR823G 1.02B05 is vulnerable to Commad Injection. |
| CVE-2022-44202 | 2022-11-22 | D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. |
| CVE-2022-44801 | 2022-11-22 | D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. |
| CVE-2022-44804 | 2022-11-22 | D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via... |
| CVE-2022-44806 | 2022-11-22 | D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow. |
| CVE-2022-44807 | 2022-11-22 | D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow... |
| CVE-2022-44808 | 2022-11-22 | A command injection vulnerability has been found on D-Link DIR-823G... |
| CVE-2022-45330 | 2022-11-22 | AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability... |
| CVE-2022-45331 | 2022-11-22 | AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability... |
| CVE-2022-45529 | 2022-11-22 | AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability... |
| CVE-2022-45535 | 2022-11-22 | AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability... |
| CVE-2022-45536 | 2022-11-22 | AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability... |
| CVE-2022-37931 | 2022-11-22 | A vulnerability in NetBatch-Plus software allows unauthorized access to the application |
| CVE-2022-45363 | 2022-11-22 | WordPress Betheme premium theme <= 26.6.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-2513 | 2022-11-22 | Cleartext Credentials Vulnerability on Hitachi Energy’s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products |
| CVE-2022-3910 | 2022-11-22 | Use after free in IO_uring in the Linux Kernel |
| CVE-2022-44737 | 2022-11-22 | WordPress All In One WP Security plugin <= 5.1.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| CVE-2022-40228 | 2022-11-22 | IBM DataPower Gateway session fixation |
| CVE-2022-2791 | 2022-11-22 | Emerson Electric's Proficy Machine Edition Version 9.00 and prior is... |
| CVE-2021-3942 | 2022-11-22 | Certain HP Print products and Digital Sending products may be... |
| CVE-2022-41946 | 2022-11-23 | TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc |
| CVE-2022-44117 | 2022-11-23 | Boa 0.94.14rc21 is vulnerable to SQL Injection via username. NOTE:... |
| CVE-2022-45868 | 2022-11-23 | The web-based admin console in H2 Database Engine before 2.2.220... |
| CVE-2009-1142 | 2022-11-23 | An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can... |
| CVE-2009-1143 | 2022-11-23 | An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can... |
| CVE-2020-23583 | 2022-11-23 | OPTILINK OP-XT71000N V2.2 is vulnerable to Remote Code Execution. The... |
| CVE-2020-23584 | 2022-11-23 | Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2... |
| CVE-2020-23585 | 2022-11-23 | A remote attacker can conduct a cross-site request forgery (CSRF)... |
| CVE-2020-23586 | 2022-11-23 | A vulnerability found in OPTILINK OP-XT71000N Hardware Version: V2.2 ,... |
| CVE-2020-23587 | 2022-11-23 | A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2... |
| CVE-2020-23588 | 2022-11-23 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware... |
| CVE-2020-23589 | 2022-11-23 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware... |
| CVE-2020-23590 | 2022-11-23 | A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware... |
| CVE-2020-23591 | 2022-11-23 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware... |
| CVE-2020-23592 | 2022-11-23 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware... |
| CVE-2020-23593 | 2022-11-23 | A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version:... |
| CVE-2021-29334 | 2022-11-23 | An issue was discovered in JIZHI CMS 1.9.4. There is... |
| CVE-2021-35284 | 2022-11-23 | SQL Injection vulnerability in function get_user in login_manager.php in rizalafani... |
| CVE-2021-43258 | 2022-11-23 | CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code... |
| CVE-2021-46854 | 2022-11-23 | mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS... |
| CVE-2022-23740 | 2022-11-23 | Improper Neutralization of Argument Delimiters in a Command in GitHub Enterprise Server leading to Remote Code Execution |
| CVE-2022-34830 | 2022-11-23 | An Arm product family through 2022-06-29 has a TOCTOU Race... |
| CVE-2022-35500 | 2022-11-23 | Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2022-35501 | 2022-11-23 | Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro... |
| CVE-2022-36111 | 2022-11-23 | immundb has insufficient verification of data authenticity |
| CVE-2022-36337 | 2022-11-23 | An issue was discovered in Insyde InsydeH2O with kernel 5.0... |
| CVE-2022-37421 | 2022-11-23 | Silverstripe silverstripe/cms through 4.11.0 allows XSS. |
| CVE-2022-37429 | 2022-11-23 | Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 2)... |
| CVE-2022-37430 | 2022-11-23 | Silverstripe silverstripe/framework through 4.11 allows XSS vulnerability via href attribute... |
| CVE-2022-37772 | 2022-11-23 | Maarch RM 2.8.3 solution contains an improper restriction of excessive... |
| CVE-2022-38113 | 2022-11-23 | Information Disclosure Vulnerability |
| CVE-2022-38114 | 2022-11-23 | Client-Side Desync Vulnerability |
| CVE-2022-38115 | 2022-11-23 | Insecure Methods Vulnerability |
| CVE-2022-38145 | 2022-11-23 | Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 3)... |
| CVE-2022-38147 | 2022-11-23 | Silverstripe silverstripe/framework through 4.11 allows XSS (issue 3 of 3). |
| CVE-2022-39833 | 2022-11-23 | FileCloud Versions 20.2 and later allows remote attackers to potentially... |
| CVE-2022-40304 | 2022-11-23 | An issue was discovered in libxml2 before 2.10.3. Certain invalid... |
| CVE-2022-40770 | 2022-11-23 | Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable... |
| CVE-2022-40771 | 2022-11-23 | Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable... |
| CVE-2022-40772 | 2022-11-23 | Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable... |
| CVE-2022-41446 | 2022-11-23 | An access control issue in /Admin/dashboard.php of Record Management System... |
| CVE-2022-41875 | 2022-11-23 | Remote Code Execution in Optica |
| CVE-2022-41922 | 2022-11-23 | yiisoft/yii before v1.1.27 vulnerable to Remote Code Execution if the application calls `unserialize()` on arbitrary user input |
| CVE-2022-41923 | 2022-11-23 | Grails Spring Security Core plugin vulnerable to privilege escalation |
| CVE-2022-41924 | 2022-11-23 | Tailscale Windows daemon is vulnerable to RCE via CSRF |
| CVE-2022-41925 | 2022-11-23 | Tailscale daemon is vulnerable to information disclosure via CSRF |
| CVE-2022-41927 | 2022-11-23 | XWiki Platform vulnerable to Cross-Site Request Forgery (CSRF) allowing to delete or rename tags |
| CVE-2022-41928 | 2022-11-23 | XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml |
| CVE-2022-41929 | 2022-11-23 | Missing Authorization in User#setDisabledStatus in org.xwiki.platform:xwiki-platform-oldcore |
| CVE-2022-41930 | 2022-11-23 | org.xwiki.platform:xwiki-platform-user-profile-ui missing authorization to enable or disable users |
| CVE-2022-41931 | 2022-11-23 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui |
| CVE-2022-41932 | 2022-11-23 | Creation of new database tables through login form on PostgreSQL |
| CVE-2022-41933 | 2022-11-23 | Plaintext storage of password in org.xwiki.platform:xwiki-platform-security-authentication-default |
| CVE-2022-41934 | 2022-11-23 | Improper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-menu-ui |
| CVE-2022-41935 | 2022-11-23 | Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui |
| CVE-2022-42095 | 2022-11-23 | Backdrop CMS version 1.23.0 was discovered to contain a stored... |
| CVE-2022-43196 | 2022-11-23 | dedecmdv6 v6.1.9 is vulnerable to Arbitrary file deletion via file_manage_control.php. |
| CVE-2022-43213 | 2022-11-23 | Billing System Project v1.0 was discovered to contain a SQL... |
| CVE-2022-44118 | 2022-11-23 | dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via... |
| CVE-2022-44120 | 2022-11-23 | dedecmdv6 6.1.9 is vulnerable to SQL Injection. via sys_sql_query.php. |
| CVE-2022-44139 | 2022-11-23 | Apartment Visitor Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2022-44140 | 2022-11-23 | Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-44249 | 2022-11-23 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName... |
| CVE-2022-44250 | 2022-11-23 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName... |
| CVE-2022-44251 | 2022-11-23 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd... |
| CVE-2022-44252 | 2022-11-23 | TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName... |
| CVE-2022-44253 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter... |
| CVE-2022-44254 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter... |
| CVE-2022-44255 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a pre-authentication buffer overflow in the... |
| CVE-2022-44256 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter... |
| CVE-2022-44257 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter... |
| CVE-2022-44258 | 2022-11-23 | TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter... |