CVE List - 2022 / November
Showing 201 - 300 of 2020 CVEs for November 2022 (Page 3 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-44542 | 2022-11-01 | lesspipe before 2.06 allows attackers to execute code via Perl... |
| CVE-2020-36605 | 2022-11-01 | File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint |
| CVE-2022-3191 | 2022-11-01 | Information Exposure Vulnerability in Hitachi Ops Center Analyzer |
| CVE-2022-41552 | 2022-11-01 | Server-Side Request Forgery Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer |
| CVE-2022-41553 | 2022-11-01 | Information Exposure Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer |
| CVE-2022-25885 | 2022-11-01 | Denial of Service (DoS) |
| CVE-2022-3369 | 2022-11-01 | Improper handling of registry symbolic links in Bitdefender Engines |
| CVE-2020-4099 | 2022-11-01 | HCL Verse for Android is susceptible to an APK signing key check vulnerability |
| CVE-2022-3509 | 2022-11-01 | Parsing issue in protobuf textformat |
| CVE-2022-3780 | 2022-11-01 | Database connections on deleted users could stay active on MySQL... |
| CVE-2022-3781 | 2022-11-01 | Dashlane password and Keepass Server password in My Account Settings... |
| CVE-2022-26119 | 2022-11-02 | A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows... |
| CVE-2022-26122 | 2022-11-02 | An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient,... |
| CVE-2022-30307 | 2022-11-02 | A key management error vulnerability [CWE-320] affecting the RSA SSH... |
| CVE-2022-33870 | 2022-11-02 | An improper neutralization of special elements used in an OS... |
| CVE-2022-33878 | 2022-11-02 | An exposure of sensitive information to an unauthorized actor vulnerabiltiy... |
| CVE-2022-35842 | 2022-11-02 | An exposure of sensitive information to an unauthorized actor vulnerabiltiy... |
| CVE-2022-35851 | 2022-11-02 | An improper neutralization of input during web page generation vulnerability... |
| CVE-2022-38372 | 2022-11-02 | A hidden functionality vulnerability [CWE-1242] in FortiTester CLI 2.3.0 through... |
| CVE-2022-38373 | 2022-11-02 | An improper neutralization of input during web page generation vulnerability... |
| CVE-2022-38374 | 2022-11-02 | A improper neutralization of input during web page generation ('cross-site... |
| CVE-2022-38380 | 2022-11-02 | An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0... |
| CVE-2022-38381 | 2022-11-02 | An improper handling of malformed request vulnerability [CWE-228] exists in... |
| CVE-2022-3844 | 2022-11-02 | Webmin index.cgi cross site scripting |
| CVE-2022-39945 | 2022-11-02 | An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, 7.0.0... |
| CVE-2022-39949 | 2022-11-02 | An improper control of a resource through its lifetime vulnerability... |
| CVE-2022-39950 | 2022-11-02 | An improper neutralization of input during web page generation vulnerability... |
| CVE-2022-42473 | 2022-11-02 | A missing authentication for a critical function vulnerability in Fortinet... |
| CVE-2020-36608 | 2022-11-02 | Tribal Systems Zenario CMS Error Log Module admin_organizer.js cross site scripting |
| CVE-2021-37789 | 2022-11-02 | stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading... |
| CVE-2022-2904 | 2022-11-02 | A cross-site scripting issue has been discovered in GitLab CE/EE... |
| CVE-2022-3825 | 2022-11-02 | Huaxia ERP User Management sql injection |
| CVE-2022-3826 | 2022-11-02 | Huaxia ERP Retail Management list information disclosure |
| CVE-2022-3827 | 2022-11-02 | centreon Contact Groups Form formContactGroup.php sql injection |
| CVE-2022-3845 | 2022-11-02 | phpipam Import Preview import-load-data.php cross site scripting |
| CVE-2022-39241 | 2022-11-02 | Possible Server-Side Request Forgery (SSRF) in webhooks |
| CVE-2022-39353 | 2022-11-02 | xmldom allows multiple root nodes in a DOM |
| CVE-2022-39356 | 2022-11-02 | Discourse user account takeover via email and invite link |
| CVE-2022-39378 | 2022-11-02 | Displaying user badges can leak topic titles to users that have no access to the topic |
| CVE-2022-39379 | 2022-11-02 | Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration) |
| CVE-2022-39381 | 2022-11-02 | Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp |
| CVE-2022-40840 | 2022-11-02 | ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting... |
| CVE-2022-41551 | 2022-11-02 | Garage Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-43066 | 2022-11-02 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43068 | 2022-11-02 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43226 | 2022-11-02 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43227 | 2022-11-02 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43235 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43236 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via... |
| CVE-2022-43237 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via... |
| CVE-2022-43238 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain an unknown crash via... |
| CVE-2022-43239 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43240 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43241 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain an unknown crash via... |
| CVE-2022-43242 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43243 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43244 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43245 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a segmentation violation via... |
| CVE-2022-43248 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43249 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43250 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43252 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43253 | 2022-11-02 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via... |
| CVE-2022-43254 | 2022-11-02 | GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via... |
| CVE-2022-43255 | 2022-11-02 | GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via... |
| CVE-2022-43670 | 2022-11-02 | XSS in Sling CMS Reference App Taxonomy Path |
| CVE-2022-43982 | 2022-11-02 | Apache Airflow prior to 2.4.2 allows reflected XSS via Origin Query Argument in URL |
| CVE-2022-43985 | 2022-11-02 | Apache Airflow prior to 2.4.2 has an open redirect |
| CVE-2022-43995 | 2022-11-02 | Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains... |
| CVE-2021-45446 | 2022-11-02 | Pentaho Business Analytics Server - Exposure of Information Through Directory Listing |
| CVE-2021-45447 | 2022-11-02 | Pentaho Business Analytics Server - With the Data Lineage feature enabled, the system transmits database passwords in clear text |
| CVE-2021-45448 | 2022-11-02 | Pentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds. |
| CVE-2022-41716 | 2022-11-02 | Unsanitized NUL in environment variables on Windows in syscall and os/exec |
| CVE-2022-3575 | 2022-11-02 | Frauscher Sensortechnik Diagnostic System FDS102 for FAdC R2 and FAdCi R2 configuration upload vulnerability |
| CVE-2022-24936 | 2022-11-02 | Gecko Standalone Bootloader vulnerability may allow bypassing application secure boot in some Series 2 devices |
| CVE-2022-3181 | 2022-11-02 | An Improper Input Validation vulnerability exists in Trihedral VTScada version... |
| CVE-2022-24942 | 2022-11-02 | Heap-based buffer overflow in MicriumOS HTTP Server allows potential remote code execution |
| CVE-2022-44576 | 2022-11-02 | WordPress AgentEasy Properties plugin <= 1.0.4 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-44586 | 2022-11-02 | WordPress AM-HiLi plugin <= 1.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-38710 | 2022-11-03 | IBM Robotic Process Automation information disclosure |
| CVE-2022-42745 | 2022-11-03 | CandidATS version 3.0.0 allows an external attacker to read arbitrary... |
| CVE-2020-22818 | 2022-11-03 | MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter. |
| CVE-2020-22819 | 2022-11-03 | MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter. |
| CVE-2020-22820 | 2022-11-03 | MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter. |
| CVE-2021-37823 | 2022-11-03 | OpenCart 3.0.3.7 allows users to obtain database information or read... |
| CVE-2021-39077 | 2022-11-03 | IBM Security Guardium information disclosure |
| CVE-2021-46853 | 2022-11-03 | Alpine before 2.25 allows remote attackers to cause a denial... |
| CVE-2022-22425 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV... |
| CVE-2022-22442 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 could allow an authenticated user... |
| CVE-2022-30608 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request... |
| CVE-2022-30615 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2022-32287 | 2022-11-03 | Apache UIMA prior to 3.3.1 has a path traversal vulnerability when extracting (PEAR) archives |
| CVE-2022-34339 | 2022-11-03 | "IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in... |
| CVE-2022-35279 | 2022-11-03 | "IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,... |
| CVE-2022-35642 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2022-35717 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 could allow a locally authenticated... |
| CVE-2022-38168 | 2022-11-03 | Broken Access Control in User Authentication in Avaya Scopia Pathfinder... |
| CVE-2022-38712 | 2022-11-03 | "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web... |
| CVE-2022-39234 | 2022-11-03 | user session persists even after permanently deleting account in GLPI |
| CVE-2022-39262 | 2022-11-03 | Stored Cross-Site Scripting (XSS) on login page in GLPI |