CVE List - 2022 / December
Showing 1 - 100 of 2356 CVEs for December 2022 (Page 1 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-23737 | 2022-12-01 | Improper Privilege Management in GitHub Enterprise Server leading to page creation and deletion |
| CVE-2022-28607 | 2022-12-01 | An issue was discovered in asith-eranga ISIC tour booking through... |
| CVE-2022-29837 | 2022-12-01 | Path traversal Vulnerability in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi Devices |
| CVE-2022-30528 | 2022-12-01 | SQL Injection vulnerability in asith-eranga ISIC tour booking through version... |
| CVE-2022-3226 | 2022-12-01 | An OS command injection vulnerability allows admins to execute code... |
| CVE-2022-35120 | 2022-12-01 | IXPdata EasyInstall 6.6.14725 contains an access control issue. |
| CVE-2022-36431 | 2022-12-01 | An arbitrary file upload vulnerability in Rocket TRUfusion Enterprise before... |
| CVE-2022-3696 | 2022-12-01 | A post-auth code injection vulnerability allows admins to execute code... |
| CVE-2022-37016 | 2022-12-01 | Symantec Endpoint Protection (Windows) agent may be susceptible to a... |
| CVE-2022-37017 | 2022-12-01 | Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5... |
| CVE-2022-3709 | 2022-12-01 | A stored XSS vulnerability allows admin to super-admin privilege escalation... |
| CVE-2022-3710 | 2022-12-01 | A post-auth read-only SQL injection vulnerability allows API clients to... |
| CVE-2022-3711 | 2022-12-01 | A post-auth read-only SQL injection vulnerability allows users to read... |
| CVE-2022-3713 | 2022-12-01 | A code injection vulnerability allows adjacent attackers to execute code... |
| CVE-2022-40489 | 2022-12-01 | ThinkCMF version 6.0.7 is affected by a Cross Site Request... |
| CVE-2022-40849 | 2022-12-01 | ThinkCMF version 6.0.7 is affected by Stored Cross-Site Scripting (XSS).... |
| CVE-2022-4246 | 2022-12-01 | Kakao PotPlayer MID File denial of service |
| CVE-2022-4247 | 2022-12-01 | Movie Ticket Booking System booking.php sql injection |
| CVE-2022-4248 | 2022-12-01 | Movie Ticket Booking System editBooking.php sql injection |
| CVE-2022-4249 | 2022-12-01 | Movie Ticket Booking System POST Request cross site scripting |
| CVE-2022-4250 | 2022-12-01 | Movie Ticket Booking System booking.php cross site scripting |
| CVE-2022-4251 | 2022-12-01 | Movie Ticket Booking System editBooking.php cross site scripting |
| CVE-2022-4252 | 2022-12-01 | SourceCodester Canteen Management System categories.php builtin_echo cross site scripting |
| CVE-2022-4253 | 2022-12-01 | SourceCodester Canteen Management System customer.php builtin_echo cross site scripting |
| CVE-2022-4257 | 2022-12-01 | C-DATA Web Management System GET Parameter jumpto.php argument injection |
| CVE-2022-42718 | 2022-12-01 | Incorrect default permissions in the installation folder for NI LabVIEW... |
| CVE-2022-43333 | 2022-12-01 | Telenia Software s.r.l TVox before v22.0.17 was discovered to contain... |
| CVE-2022-44211 | 2022-12-01 | In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote... |
| CVE-2022-44212 | 2022-12-01 | In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to... |
| CVE-2022-44262 | 2022-12-01 | ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE). |
| CVE-2022-45045 | 2022-12-01 | Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000,... |
| CVE-2022-45640 | 2022-12-01 | Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes... |
| CVE-2022-45050 | 2022-12-01 | Reflected XSS in Axiell Iguana CMS |
| CVE-2022-4221 | 2022-12-01 | OS command injection in ASUS M25 NAS |
| CVE-2022-3270 | 2022-12-01 | Incomplete Documentation of remote functions in FESTO products. |
| CVE-2022-1471 | 2022-12-01 | Remote Code execution in SnakeYAML |
| CVE-2022-45797 | 2022-12-01 | An arbitrary file deletion vulnerability in the Damage Cleanup Engine... |
| CVE-2021-38997 | 2022-12-01 | IBM API Connect HOST header injection |
| CVE-2022-2969 | 2022-12-01 | ICSA-22-307-03 Delta Industrial Automation DIALink Path traversal |
| CVE-2022-41296 | 2022-12-01 | IBM Db2U cross-site respect forgery |
| CVE-2022-41297 | 2022-12-01 | IBM Db2U cross-site request forgery |
| CVE-2022-43900 | 2022-12-01 | IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps security bypass |
| CVE-2022-43901 | 2022-12-01 | IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps information disclosure |
| CVE-2022-41968 | 2022-12-01 | Nextcloud Server's calendar name length not validated before writing to database |
| CVE-2022-41969 | 2022-12-01 | Nextcloud Server has no password length limit when creating a user as an administrator |
| CVE-2022-41970 | 2022-12-01 | Nextcloud Server's disabled download shares still allow download through preview images |
| CVE-2022-41971 | 2022-12-01 | Nextcloud Talk guests can continue to receive video streams from call after being removed from a conversation |
| CVE-2022-43272 | 2022-12-02 | DCMTK v3.6.7 was discovered to contain a memory leak via... |
| CVE-2022-46366 | 2022-12-02 | Apache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted input |
| CVE-2022-3520 | 2022-12-02 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-3591 | 2022-12-02 | Use After Free in vim/vim |
| CVE-2022-4262 | 2022-12-02 | Type confusion in V8 in Google Chrome prior to 108.0.5359.94... |
| CVE-2022-4271 | 2022-12-02 | Cross-site Scripting (XSS) - Reflected in osticket/osticket |
| CVE-2022-43325 | 2022-12-02 | An unauthenticated command injection vulnerability in the product license validation... |
| CVE-2022-44277 | 2022-12-02 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44290 | 2022-12-02 | webTareas 2.4p5 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-44291 | 2022-12-02 | webTareas 2.4p5 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-44345 | 2022-12-02 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44347 | 2022-12-02 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44348 | 2022-12-02 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44362 | 2022-12-02 | Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule. |
| CVE-2022-44363 | 2022-12-02 | Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo. |
| CVE-2022-44365 | 2022-12-02 | Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd. |
| CVE-2022-44366 | 2022-12-02 | Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo. |
| CVE-2022-44367 | 2022-12-02 | Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo. |
| CVE-2022-44928 | 2022-12-02 | D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection... |
| CVE-2022-44929 | 2022-12-02 | An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated... |
| CVE-2022-44930 | 2022-12-02 | D-Link DHP-W310AV 3.10EU was discovered to contain a command injection... |
| CVE-2022-44944 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44945 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-44946 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44947 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44948 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44949 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44950 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44951 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44952 | 2022-12-02 | Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44953 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44954 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44955 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44956 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44957 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44959 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44960 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44961 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-44962 | 2022-12-02 | webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-45215 | 2022-12-02 | A cross-site scripting (XSS) vulnerability in Book Store Management System... |
| CVE-2022-45480 | 2022-12-02 | PC Keyboard WiFi & Bluetooth allows an attacker (in a... |
| CVE-2022-45482 | 2022-12-02 | Lazy Mouse server enforces weak password requirements and doesn't implement... |
| CVE-2022-45483 | 2022-12-02 | Lazy Mouse allows an attacker (in a man in the... |
| CVE-2022-45562 | 2022-12-02 | Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to... |
| CVE-2022-45641 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg. |
| CVE-2022-45643 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |
| CVE-2022-45644 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |
| CVE-2022-45645 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |
| CVE-2022-45646 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |
| CVE-2022-45647 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |
| CVE-2022-45648 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |
| CVE-2022-45649 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |
| CVE-2022-45650 | 2022-12-02 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow... |