CVE List - 2022 / November
Showing 701 - 800 of 2020 CVEs for November 2022 (Page 8 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-31688 | 2022-11-09 | VMware Workspace ONE Assist prior to 22.10 contains a Reflected... |
| CVE-2022-31689 | 2022-11-09 | VMware Workspace ONE Assist prior to 22.10 contains a Session... |
| CVE-2022-3265 | 2022-11-09 | A cross-site scripting issue has been discovered in GitLab CE/EE... |
| CVE-2022-3280 | 2022-11-09 | An open redirect in GitLab CE/EE affecting all versions from... |
| CVE-2022-3285 | 2022-11-09 | Bypass of healthcheck endpoint allow list affecting all versions from... |
| CVE-2022-3413 | 2022-11-09 | Incorrect authorization during display of Audit Events in GitLab EE... |
| CVE-2022-3483 | 2022-11-09 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2022-3486 | 2022-11-09 | An open redirect vulnerability in GitLab EE/CE affecting all versions... |
| CVE-2022-3706 | 2022-11-09 | Improper authorization in GitLab CE/EE affecting all versions from 7.14... |
| CVE-2022-3726 | 2022-11-09 | Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting... |
| CVE-2022-3793 | 2022-11-09 | An improper authorization issue in GitLab CE/EE affecting all versions... |
| CVE-2022-3818 | 2022-11-09 | An uncontrolled resource consumption issue when parsing URLs in GitLab... |
| CVE-2022-3819 | 2022-11-09 | An improper authorization issue in GitLab CE/EE affecting all versions... |
| CVE-2022-39306 | 2022-11-09 | Grafana contains Improper Input Validation |
| CVE-2022-39307 | 2022-11-09 | Grafana subject to Exposure of Sensitive Information resulting in User enumeration via forget password |
| CVE-2022-39368 | 2022-11-09 | Californium Failing DTLS handshakes causes Data Loss due to throttling blocking processing of records |
| CVE-2022-39879 | 2022-11-09 | Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1... |
| CVE-2022-39880 | 2022-11-09 | Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022... |
| CVE-2022-39881 | 2022-11-09 | Improper input validation vulnerability for processing SIB12 PDU in Exynos... |
| CVE-2022-39882 | 2022-11-09 | Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior... |
| CVE-2022-39883 | 2022-11-09 | Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release... |
| CVE-2022-39884 | 2022-11-09 | Improper access control vulnerability in IImsService prior to SMR Nov-2022... |
| CVE-2022-39885 | 2022-11-09 | Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to... |
| CVE-2022-39886 | 2022-11-09 | Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to... |
| CVE-2022-39887 | 2022-11-09 | Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to... |
| CVE-2022-39889 | 2022-11-09 | Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351... |
| CVE-2022-39890 | 2022-11-09 | Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows... |
| CVE-2022-39891 | 2022-11-09 | Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor... |
| CVE-2022-39892 | 2022-11-09 | Improper access control in Samsung Pass prior to version 4.0.05.1... |
| CVE-2022-39893 | 2022-11-09 | Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro... |
| CVE-2022-40797 | 2022-11-09 | Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar... |
| CVE-2022-41049 | 2022-11-09 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2022-41054 | 2022-11-09 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
| CVE-2022-41061 | 2022-11-09 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2022-41073 | 2022-11-09 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2022-41080 | 2022-11-09 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
| CVE-2022-41125 | 2022-11-09 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
| CVE-2022-41128 | 2022-11-09 | Windows Scripting Languages Remote Code Execution Vulnerability |
| CVE-2022-42964 | 2022-11-09 | Exponential ReDoS in pymatgen leads to denial of service |
| CVE-2022-42965 | 2022-11-09 | Exponential ReDoS in snowflake-connector-python leads to denial of service |
| CVE-2022-42966 | 2022-11-09 | Exponential ReDoS in cleo leads to denial of service |
| CVE-2022-43031 | 2022-11-09 | DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2022-43058 | 2022-11-09 | Online Diagnostic Lab Management System v1.0 was discovered to contain... |
| CVE-2022-43118 | 2022-11-09 | A cross-site scripting (XSS) vulnerability in flatCore-CMS v2.1.0 allows attackers... |
| CVE-2022-43119 | 2022-11-09 | A cross-site scripting (XSS) vulnerability in Clansphere CMS v2011.4 allows... |
| CVE-2022-43120 | 2022-11-09 | A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of... |
| CVE-2022-43121 | 2022-11-09 | A cross-site scripting (XSS) vulnerability in the CMS Field Add... |
| CVE-2022-43277 | 2022-11-09 | Canteen Management System v1.0 was discovered to contain an arbitrary... |
| CVE-2022-43278 | 2022-11-09 | Canteen Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-43290 | 2022-11-09 | Canteen Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-43291 | 2022-11-09 | Canteen Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-43292 | 2022-11-09 | Canteen Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-43310 | 2022-11-09 | An Uncontrolled Search Path Element in Foxit Software released Foxit... |
| CVE-2022-43320 | 2022-11-09 | FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting... |
| CVE-2022-43321 | 2022-11-09 | Shopwind v3.4.3 was discovered to contain a reflected cross-site scripting... |
| CVE-2022-44244 | 2022-11-09 | An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate... |
| CVE-2022-44546 | 2022-11-09 | The kernel module has the vulnerability that the mapping is... |
| CVE-2022-44547 | 2022-11-09 | The Display Service module has a UAF vulnerability. Successful exploitation... |
| CVE-2022-44548 | 2022-11-09 | There is a vulnerability in permission verification during the Bluetooth... |
| CVE-2022-44549 | 2022-11-09 | The LBS module has a vulnerability in geofencing API access.... |
| CVE-2022-44550 | 2022-11-09 | The graphics display module has a UAF vulnerability when traversing... |
| CVE-2022-44551 | 2022-11-09 | The iaware module has a vulnerability in thread security. Successful... |
| CVE-2022-44552 | 2022-11-09 | The lock screen module has defects introduced in the design... |
| CVE-2022-44553 | 2022-11-09 | The HiView module has a vulnerability of not filtering third-party... |
| CVE-2022-44554 | 2022-11-09 | The power module has a vulnerability in permission verification. Successful... |
| CVE-2022-44555 | 2022-11-09 | The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit... |
| CVE-2022-44557 | 2022-11-09 | The SmartTrimProcessEvent module has a vulnerability of obtaining the read... |
| CVE-2022-44558 | 2022-11-09 | The AMS module has a vulnerability of serialization/deserialization mismatch. Successful... |
| CVE-2022-44559 | 2022-11-09 | The AMS module has a vulnerability of serialization/deserialization mismatch. Successful... |
| CVE-2022-44560 | 2022-11-09 | The launcher module has an Intent redirection vulnerability. Successful exploitation... |
| CVE-2022-44561 | 2022-11-09 | The preset launcher module has a permission verification vulnerability. Successful... |
| CVE-2022-44562 | 2022-11-09 | The system framework layer has a vulnerability of serialization/deserialization mismatch.... |
| CVE-2022-44563 | 2022-11-09 | There is a race condition vulnerability in SD upgrade mode.... |
| CVE-2022-45059 | 2022-11-09 | An issue was discovered in Varnish Cache 7.x before 7.1.2... |
| CVE-2022-45060 | 2022-11-09 | An HTTP Request Forgery issue was discovered in Varnish Cache... |
| CVE-2022-45061 | 2022-11-09 | An issue was discovered in Python before 3.11.1. An unnecessary... |
| CVE-2022-45062 | 2022-11-09 | In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there... |
| CVE-2022-31253 | 2022-11-09 | openldap2: /usr/lib/openldap/start allows ldap user/group to recursively chown arbitrary directory trees to itself |
| CVE-2021-34566 | 2022-11-09 | WAGO I/O-Check Service prone to Memory Overflow |
| CVE-2021-34567 | 2022-11-09 | WAGO I/O-Check Service prone to Out-of-bounds Read |
| CVE-2021-34568 | 2022-11-09 | WAGO I/O-Check Service prone to Allocation of Resources Without Limits or Throttling |
| CVE-2021-34569 | 2022-11-09 | WAGO I/O-Check Service prone to Out-of-bounds Write |
| CVE-2022-43488 | 2022-11-09 | WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-41978 | 2022-11-09 | WordPress Zoho CRM Lead Magnet plugin <= 1.7.5.8 - Auth. Arbitrary Options Update vulnerability |
| CVE-2021-34577 | 2022-11-09 | Hardcoded credentials in Kaden PICOFLUX AiR |
| CVE-2021-34579 | 2022-11-09 | PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management |
| CVE-2022-0031 | 2022-11-09 | Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine |
| CVE-2022-25932 | 2022-11-09 | The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for... |
| CVE-2022-26023 | 2022-11-09 | A leftover debug code vulnerability exists in the console verify... |
| CVE-2022-28689 | 2022-11-09 | A leftover debug code vulnerability exists in the console support... |
| CVE-2022-29481 | 2022-11-09 | A leftover debug code vulnerability exists in the console nvram... |
| CVE-2022-29888 | 2022-11-09 | A leftover debug code vulnerability exists in the httpd port... |
| CVE-2022-30543 | 2022-11-09 | A leftover debug code vulnerability exists in the console infct... |
| CVE-2022-32588 | 2022-11-09 | An out-of-bounds write vulnerability exists in the PICT parsing pctwread_14841... |
| CVE-2020-12931 | 2022-11-09 | Improper parameters handling in the AMD Secure Processor (ASP) kernel... |
| CVE-2021-26391 | 2022-11-09 | Insufficient verification of multiple header signatures while loading a Trusted... |
| CVE-2021-26393 | 2022-11-09 | Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted... |
| CVE-2020-12930 | 2022-11-09 | Improper parameters handling in AMD Secure Processor (ASP) drivers may... |
| CVE-2021-26360 | 2022-11-09 | An attacker with local access to the system can make... |
| CVE-2021-26392 | 2022-11-09 | Insufficient verification of missing size check in 'LoadModule' may lead... |