CVE List - 2022 / November
Showing 801 - 900 of 2020 CVEs for November 2022 (Page 9 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-27674 | 2022-11-09 | Insufficient validation in the IOCTL input/output buffer in AMD μProf... |
| CVE-2022-23831 | 2022-11-09 | Insufficient validation of the IOCTL input buffer in AMD μProf... |
| CVE-2022-27673 | 2022-11-09 | Insufficient access controls in the AMD Link Android app may... |
| CVE-2022-23824 | 2022-11-09 | IBPB may not prevent return branch predictions from being specified... |
| CVE-2022-44590 | 2022-11-09 | WordPress Simple Video Embedder plugin <= 2.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-45063 | 2022-11-10 | xterm before 375 allows code execution via font ops, e.g.,... |
| CVE-2021-40226 | 2022-11-10 | xpdfreader 4.03 is vulnerable to Buffer Overflow. |
| CVE-2021-40289 | 2022-11-10 | mm-wki v0.2.1 is vulnerable to Cross Site Scripting (XSS). |
| CVE-2022-26088 | 2022-11-10 | An issue was discovered in BMC Remedy before 22.1. Email-based... |
| CVE-2022-34666 | 2022-11-10 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2022-35740 | 2022-11-10 | dotCMS before 22.06 allows remote attackers to bypass intended access... |
| CVE-2022-36022 | 2022-11-10 | Some Deeplearning4J packages use unclaimed s3 bucket in tests and examples |
| CVE-2022-36938 | 2022-11-10 | DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can... |
| CVE-2022-39388 | 2022-11-10 | Istio may allow identity impersonation if user has localhost access |
| CVE-2022-39392 | 2022-11-10 | Wasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration |
| CVE-2022-39393 | 2022-11-10 | Wasmtime vulnerable to data leakage between instances in the pooling allocator |
| CVE-2022-39394 | 2022-11-10 | wasmtime_trap_code C API function has out of bounds write vulnerability |
| CVE-2022-39395 | 2022-11-10 | Vela Insecure Defaults |
| CVE-2022-39396 | 2022-11-10 | Parse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parser |
| CVE-2022-39398 | 2022-11-10 | InfotelGLPI vulnerable to Cross-site Scripting |
| CVE-2022-41874 | 2022-11-10 | Tauri Filesystem Scope can be Partially Bypassed |
| CVE-2022-41876 | 2022-11-10 | ezplatform-graphql GraphQL queries can expose password hashes |
| CVE-2022-41878 | 2022-11-10 | Parse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers |
| CVE-2022-41879 | 2022-11-10 | Parse Server subject to Prototype pollution via Cloud Code Webhooks |
| CVE-2022-43074 | 2022-11-10 | AyaCMS v3.1.2 was discovered to contain an arbitrary file upload... |
| CVE-2022-43679 | 2022-11-10 | The Docker image of ownCloud Server through 10.11 contains a... |
| CVE-2022-44087 | 2022-11-10 | ESPCMS P8.21120101 was discovered to contain a remote code execution... |
| CVE-2022-44088 | 2022-11-10 | ESPCMS P8.21120101 was discovered to contain a remote code execution... |
| CVE-2022-44089 | 2022-11-10 | ESPCMS P8.21120101 was discovered to contain a remote code execution... |
| CVE-2022-44727 | 2022-11-10 | The EU Cookie Law GDPR (Banner + Blocker) module before... |
| CVE-2022-45129 | 2022-11-10 | Payara before 2022-11-04, when deployed to the root context, allows... |
| CVE-2022-45130 | 2022-11-10 | Plesk Obsidian allows a CSRF attack, e.g., via the /api/v2/cli/commands... |
| CVE-2022-38119 | 2022-11-10 | POWERCOM CO., LTD. UPSMON PRO - Broken Authentication |
| CVE-2022-38120 | 2022-11-10 | POWERCOM CO., LTD. UPSMON PRO - Path Traversal |
| CVE-2022-38121 | 2022-11-10 | POWERCOM CO., LTD. UPSMON PRO - Insufficiently Protected Credentials |
| CVE-2022-38122 | 2022-11-10 | POWERCOM CO., LTD. UPSMON PRO - Cleartext Transmission of Sensitive Information |
| CVE-2022-39036 | 2022-11-10 | FLOWRING Agentflow BPM - Arbitrary File Upload |
| CVE-2022-39037 | 2022-11-10 | FLOWRING Agentflow BPM - Path Traversal |
| CVE-2022-39038 | 2022-11-10 | FLOWRING Agentflow BPM - Broken Access Control |
| CVE-2022-3866 | 2022-11-10 | Nomad Workload Identity Token Can List Non-sensitive Metadata for Paths Under nomad/ |
| CVE-2022-3867 | 2022-11-10 | Nomad Event Stream Subscriber Using a Token with TTL Receives Updates Until Garbage Collected |
| CVE-2022-31255 | 2022-11-10 | SUMA/UYUNI directory path traversal vulnerability in CobblerSnipperViewAction |
| CVE-2022-43753 | 2022-11-10 | SUMA/UYUNI arbitrary file disclosure vulnerability in ScapResultDownload |
| CVE-2022-43754 | 2022-11-10 | SUMA/UYUNI reflected cross site scripting in /rhn/audit/scap/Search.do |
| CVE-2022-42785 | 2022-11-10 | Wiesemann & Theis: Authentication bypass in Com-Server family |
| CVE-2022-42786 | 2022-11-10 | Wiesemann & Theis: XSS vulnerability in web interface of the Com-Server family |
| CVE-2022-42787 | 2022-11-10 | Wiesemann & Theis: Small number space for allocating session id in Com-Server family |
| CVE-2022-20946 | 2022-11-10 | A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation... |
| CVE-2022-20947 | 2022-11-10 | A vulnerability in dynamic access policies (DAP) functionality of Cisco... |
| CVE-2022-20918 | 2022-11-10 | A vulnerability in the Simple Network Management Protocol (SNMP) access... |
| CVE-2022-20927 | 2022-11-10 | A vulnerability in the SSL/TLS client of Cisco Adaptive Security... |
| CVE-2022-20924 | 2022-11-10 | A vulnerability in the Simple Network Management Protocol (SNMP) feature... |
| CVE-2022-20854 | 2022-11-10 | A vulnerability in the processing of SSH connections of Cisco... |
| CVE-2022-20826 | 2022-11-10 | A vulnerability in the secure boot implementation of Cisco Secure... |
| CVE-2022-20949 | 2022-11-10 | A vulnerability in the management web server of Cisco Firepower... |
| CVE-2022-20950 | 2022-11-10 | A vulnerability in the interaction of SIP and Snort 3... |
| CVE-2022-20934 | 2022-11-10 | A vulnerability in the CLI of Cisco Firepower Threat Defense... |
| CVE-2022-20925 | 2022-11-10 | A vulnerability in the web management interface of the Cisco... |
| CVE-2022-20926 | 2022-11-10 | A vulnerability in the web management interface of the Cisco... |
| CVE-2022-20928 | 2022-11-10 | A vulnerability in the authentication and authorization flows for VPN... |
| CVE-2022-20922 | 2022-11-10 | Multiple vulnerabilities in the Server Message Block Version 2 (SMB2)... |
| CVE-2022-20943 | 2022-11-10 | Multiple vulnerabilities in the Server Message Block Version 2 (SMB2)... |
| CVE-2022-20941 | 2022-11-10 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2022-20940 | 2022-11-10 | A vulnerability in the TLS handler of Cisco Firepower Threat... |
| CVE-2022-20831 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20832 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20833 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20834 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20835 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20836 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20838 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20839 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20840 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20843 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20872 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20905 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20932 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20935 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20936 | 2022-11-10 | Multiple vulnerabilities in the web-based management interface of Cisco Firepower... |
| CVE-2022-20938 | 2022-11-10 | A vulnerability in the module import function of the administrative... |
| CVE-2022-41719 | 2022-11-10 | Panic in github.com/shamaton/msgpack/v2 |
| CVE-2022-41607 | 2022-11-10 | ETIC Telecom Remote Access Server Path Traversal |
| CVE-2022-40981 | 2022-11-10 | ETIC Telecom Remote Access Server Unrestricted Upload of File with Dangerous Type |
| CVE-2022-3703 | 2022-11-10 | ETIC Telecom Remote Access Server Insufficient Verification of Data Authenticity |
| CVE-2022-42460 | 2022-11-10 | WordPress Traffic Manager plugin <= 1.4.5 - Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) |
| CVE-2021-0185 | 2022-11-10 | Improper input validation in the firmware for some Intel(R) Server... |
| CVE-2022-3941 | 2022-11-11 | Activity Log Plugin HTTP Header neutralization for logs |
| CVE-2022-3950 | 2022-11-11 | sanluan PublicCMS Tab dwz.min.js initLink cross site scripting |
| CVE-2022-3939 | 2022-11-11 | lanyulei ferry API file.go path traversal |
| CVE-2022-3940 | 2022-11-11 | lanyulei ferry task.go path traversal |
| CVE-2022-3942 | 2022-11-11 | SourceCodester Sanitization Management System cross site scripting |
| CVE-2022-3943 | 2022-11-11 | ForU CMS cms_chip.php cross site scripting |
| CVE-2022-3944 | 2022-11-11 | jerryhanjj ERP Commodity Management inventory.php uploadImages unrestricted upload |
| CVE-2022-3945 | 2022-11-11 | Improper Restriction of Excessive Authentication Attempts in kareadita/kavita |
| CVE-2022-3947 | 2022-11-11 | eolinker goku_lite list sql injection |
| CVE-2022-3948 | 2022-11-11 | eolinker goku_lite getList sql injection |
| CVE-2022-3949 | 2022-11-11 | Sourcecodester Simple Cashiering System User Account cross site scripting |
| CVE-2022-3952 | 2022-11-11 | ManyDesigns Portofino WarFileLauncher.java createTempDir temp file |
| CVE-2022-3955 | 2022-11-11 | tholum crm42 Login class.user.php sql injection |
| CVE-2022-3956 | 2022-11-11 | tsruban HHIMS Patient Portrait sql injection |