CVE List - 2022 / November
Showing 301 - 400 of 2020 CVEs for November 2022 (Page 4 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-39276 | 2022-11-03 | Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning |
| CVE-2022-39277 | 2022-11-03 | Cross-Site Scripting (XSS) in external links in GLPI |
| CVE-2022-39323 | 2022-11-03 | SQL Injection on REST API in GLPI |
| CVE-2022-39370 | 2022-11-03 | Improper access to debug panel in GLPI |
| CVE-2022-39371 | 2022-11-03 | Stored Cross-Site Scripting (XSS) through asset inventory in GLPI |
| CVE-2022-39372 | 2022-11-03 | Stored Cross-Site Scripting (XSS) in user information in GLPI |
| CVE-2022-39373 | 2022-11-03 | Stored Cross-Site Scripting (XSS) in entity name in GLPI |
| CVE-2022-39375 | 2022-11-03 | Cross-Site Scripting (XSS) through public RSS feed in GLPI |
| CVE-2022-39376 | 2022-11-03 | Improper input validation on emails links in GLPI |
| CVE-2022-39382 | 2022-11-03 | NODE_ENV in Keystone defaults to development with esbuild |
| CVE-2022-40230 | 2022-11-03 | "IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and... |
| CVE-2022-40235 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 could allow a user to... |
| CVE-2022-40276 | 2022-11-03 | Zettlr version 2.3.0 allows an external attacker to remotely obtain... |
| CVE-2022-40747 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 is vulnerable to an XML... |
| CVE-2022-41435 | 2022-11-03 | OpenWRT LuCI version git-22.140.66206-02913be was discovered to contain a stored... |
| CVE-2022-41710 | 2022-11-03 | Markdownify version 1.4.1 allows an external attacker to remotely obtain... |
| CVE-2022-41713 | 2022-11-03 | deep-object-diff version 1.1.0 allows an external attacker to edit or... |
| CVE-2022-41714 | 2022-11-03 | fastest-json-copy version 1.0.1 allows an external attacker to edit or... |
| CVE-2022-42442 | 2022-11-03 | IBM Robotic Process Automation for Cloud Pak information disclosure |
| CVE-2022-42743 | 2022-11-03 | deep-parse-json version 1.0.2 allows an external attacker to edit or... |
| CVE-2022-42744 | 2022-11-03 | CandidATS version 3.0.0 allows an external attacker to perform CRUD... |
| CVE-2022-42746 | 2022-11-03 | CandidATS version 3.0.0 on 'indexFile' of the 'ajax.php' resource, allows... |
| CVE-2022-42747 | 2022-11-03 | CandidATS version 3.0.0 on 'sortBy' of the 'ajax.php' resource, allows... |
| CVE-2022-42748 | 2022-11-03 | CandidATS version 3.0.0 on 'sortDirection' of the 'ajax.php' resource, allows... |
| CVE-2022-42749 | 2022-11-03 | CandidATS version 3.0.0 on 'page' of the 'ajax.php' resource, allows... |
| CVE-2022-42750 | 2022-11-03 | CandidATS version 3.0.0 allows an external attacker to steal the... |
| CVE-2022-42751 | 2022-11-03 | CandidATS version 3.0.0 allows an external attacker to elevate privileges... |
| CVE-2022-42753 | 2022-11-03 | SalonERP version 3.0.2 allows an external attacker to steal the... |
| CVE-2022-43061 | 2022-11-03 | Online Tours & Travels Management System v1.0 was discovered to... |
| CVE-2022-43062 | 2022-11-03 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43063 | 2022-11-03 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43101 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43102 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43103 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43104 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43105 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43106 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43107 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43108 | 2022-11-03 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow... |
| CVE-2022-43109 | 2022-11-03 | D-Link DIR-823G v1.0.2 was found to contain a command injection... |
| CVE-2022-43372 | 2022-11-03 | Emlog Pro v1.7.1 was discovered to contain a reflected cross-site... |
| CVE-2022-43574 | 2022-11-03 | "IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5... |
| CVE-2022-44622 | 2022-11-03 | In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions... |
| CVE-2022-44623 | 2022-11-03 | In JetBrains TeamCity version before 2022.10, Project Viewer could see... |
| CVE-2022-44624 | 2022-11-03 | In JetBrains TeamCity version before 2022.10, Password parameters could be... |
| CVE-2022-44638 | 2022-11-03 | In libpixman in Pixman before 0.42.2, there is an out-of-bounds... |
| CVE-2022-44646 | 2022-11-03 | In JetBrains TeamCity version before 2022.10, no audit items were... |
| CVE-2022-37927 | 2022-11-03 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett... |
| CVE-2022-37929 | 2022-11-03 | Improper Privilege Management vulnerability in Hewlett Packard Enterprise Nimble Storage... |
| CVE-2022-37930 | 2022-11-03 | A security vulnerability has been identified in HPE Nimble Storage... |
| CVE-2022-37928 | 2022-11-03 | Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise... |
| CVE-2021-46846 | 2022-11-03 | Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out... |
| CVE-2022-2696 | 2022-11-03 | The Restaurant Menu – Food Ordering System – Table Reservation... |
| CVE-2022-3776 | 2022-11-03 | The Restaurant Menu – Food Ordering System – Table Reservation... |
| CVE-2022-3852 | 2022-11-03 | The VR Calendar plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2022-3675 | 2022-11-03 | Fedora CoreOS supports setting a GRUB bootloader password using a... |
| CVE-2022-3258 | 2022-11-03 | Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce... |
| CVE-2022-37897 | 2022-11-03 | There is a command injection vulnerability that could lead to... |
| CVE-2022-37898 | 2022-11-03 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2022-37899 | 2022-11-03 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2022-20961 | 2022-11-03 | A vulnerability in the web-based management interface of Cisco Identity... |
| CVE-2022-37900 | 2022-11-03 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2022-37901 | 2022-11-03 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2022-37902 | 2022-11-03 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2022-37912 | 2022-11-03 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2022-37903 | 2022-11-03 | A vulnerability exists that allows an authenticated attacker to overwrite... |
| CVE-2022-37904 | 2022-11-03 | Vulnerabilities in ArubaOS running on 7xxx series controllers exist that... |
| CVE-2022-43451 | 2022-11-03 | Multiple path traversal in appspawn and nwebspawn services. |
| CVE-2022-43449 | 2022-11-03 | Arbitrary file read via download_server. |
| CVE-2022-43495 | 2022-11-03 | An abnormal packet recieved when distributedhardware_device_manager joining a network could cause a device reboot. |
| CVE-2022-37905 | 2022-11-03 | Vulnerabilities in ArubaOS running on 7xxx series controllers exist that... |
| CVE-2022-37906 | 2022-11-03 | An authenticated path traversal vulnerability exists in the ArubaOS command... |
| CVE-2021-44862 | 2022-11-03 | Sensitive Information store in NSClient logs |
| CVE-2022-36428 | 2022-11-03 | WordPress Rock Convert plugin <= 2.11.0 - Auth. Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-37907 | 2022-11-03 | A vulnerability exists in the ArubaOS bootloader on 7xxx series... |
| CVE-2022-40131 | 2022-11-03 | WordPress Page View Count plugin <= 2.5.5 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-20951 | 2022-11-03 | A vulnerability in the web-based management interface of Cisco BroadWorks... |
| CVE-2022-20958 | 2022-11-03 | A vulnerability in the web-based management interface of Cisco BroadWorks... |
| CVE-2022-36404 | 2022-11-03 | WordPress Simple SEO plugin <= 1.8.12 - Broken Access Control vulnerability |
| CVE-2022-20956 | 2022-11-03 | A vulnerability in the web-based management interface of Cisco Identity... |
| CVE-2022-20867 | 2022-11-03 | A vulnerability in web-based management interface of the of Cisco... |
| CVE-2022-20868 | 2022-11-03 | A vulnerability in the web-based management interface of Cisco Email... |
| CVE-2022-37908 | 2022-11-03 | An authenticated attacker can impact the integrity of the ArubaOS... |
| CVE-2022-20960 | 2022-11-03 | A vulnerability in Cisco AsyncOS Software for Cisco Email Security... |
| CVE-2022-20942 | 2022-11-03 | A vulnerability in the web-based management interface of Cisco Email... |
| CVE-2022-44627 | 2022-11-03 | WordPress Simple SEO plugin <= 1.8.12 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-20969 | 2022-11-03 | A vulnerability in multiple management dashboard pages of Cisco Umbrella... |
| CVE-2022-20937 | 2022-11-03 | A vulnerability in a feature that monitors RADIUS requests on... |
| CVE-2022-37909 | 2022-11-03 | Aruba has identified certain configurations of ArubaOS that can lead... |
| CVE-2022-20963 | 2022-11-03 | A vulnerability in the web-based management interface of Cisco Identity... |
| CVE-2022-20772 | 2022-11-03 | A vulnerability in Cisco Email Security Appliance (ESA) and Cisco... |
| CVE-2022-44628 | 2022-11-03 | WordPress 4ECPS Web Forms plugin <= 0.2.17 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2021-36906 | 2022-11-03 | WordPress Quiz And Survey Master plugin <= 7.3.6 - Multiple Insecure direct object references (IDOR) vulnerabilities |
| CVE-2022-37910 | 2022-11-03 | A buffer overflow vulnerability exists in the ArubaOS command line... |
| CVE-2022-25952 | 2022-11-03 | WordPress Content Egg plugin <= 5.4.0 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-37911 | 2022-11-03 | Due to improper restrictions on XML entities multiple vulnerabilities exist... |
| CVE-2022-20962 | 2022-11-03 | A vulnerability in the Localdisk Management feature of Cisco Identity... |
| CVE-2022-43561 | 2022-11-03 | Persistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise |
| CVE-2022-43571 | 2022-11-03 | Remote Code Execution through dashboard PDF generation component in Splunk Enterprise |
| CVE-2021-34055 | 2022-11-04 | jhead 3.06 is vulnerable to Buffer Overflow via exif.c in... |