CVE List - 2022 / December
Showing 301 - 400 of 2356 CVEs for December 2022 (Page 4 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-42761 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42762 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42763 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42764 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42765 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42766 | 2022-12-06 | In wlan driver, there is a possible missing permission check,... |
| CVE-2022-42767 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42768 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42769 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42770 | 2022-12-06 | In wlan driver, there is a race condition, This could... |
| CVE-2022-42771 | 2022-12-06 | In wlan driver, there is a race condition, This could... |
| CVE-2022-42772 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42773 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42774 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42775 | 2022-12-06 | In camera driver, there is a possible memory corruption due... |
| CVE-2022-42776 | 2022-12-06 | In UscAIEngine service, there is a missing permission check. This... |
| CVE-2022-42777 | 2022-12-06 | In power management service, there is a missing permission check.... |
| CVE-2022-42778 | 2022-12-06 | In windows manager service, there is a missing permission check.... |
| CVE-2022-42779 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42780 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42781 | 2022-12-06 | In wlan driver, there is a possible missing bounds check,... |
| CVE-2022-42782 | 2022-12-06 | In wlan driver, there is a possible missing permission check,... |
| CVE-2022-4296 | 2022-12-06 | TP-Link TL-WR740N ARP resource consumption |
| CVE-2022-4300 | 2022-12-06 | FastCMS Template edit injection |
| CVE-2022-4314 | 2022-12-06 | Improper Privilege Management in ikus060/rdiffweb |
| CVE-2022-43369 | 2022-12-06 | AutoTaxi Stand Management System v1.0 was discovered to contain a... |
| CVE-2022-44030 | 2022-12-06 | Redmine 5.x before 5.0.4 allows downloading of file attachments of... |
| CVE-2022-44289 | 2022-12-06 | Thinkphp 5.1.41 and 5.0.24 has a code logic error which... |
| CVE-2022-44900 | 2022-12-06 | A directory traversal vulnerability in the SevenZipFile.extractall() function of the... |
| CVE-2022-45326 | 2022-12-06 | An XML external entity (XXE) injection vulnerability in Kwoksys Kwok... |
| CVE-2022-45548 | 2022-12-06 | AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. |
| CVE-2022-46382 | 2022-12-06 | RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through... |
| CVE-2022-46383 | 2022-12-06 | RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through... |
| CVE-2022-46151 | 2022-12-06 | Reflected XSS |
| CVE-2022-34881 | 2022-12-06 | Information Exposure Vulnerability in JP1/Automatic Operation |
| CVE-2022-40209 | 2022-12-06 | WP Smart Import plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-38123 | 2022-12-06 | Insufficient validation of plugin files |
| CVE-2022-35843 | 2022-12-06 | An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the... |
| CVE-2022-40680 | 2022-12-06 | A improper neutralization of input during web page generation ('cross-site... |
| CVE-2022-30305 | 2022-12-06 | An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to... |
| CVE-2022-38379 | 2022-12-06 | Improper neutralization of input during web page generation [CWE-79] in... |
| CVE-2022-33876 | 2022-12-06 | Multiple instances of improper input validation vulnerability in Fortinet FortiADC... |
| CVE-2022-33875 | 2022-12-06 | An improper neutralization of special elements used in an SQL... |
| CVE-2022-23472 | 2022-12-06 | Use of insecure random number generator in Passeo |
| CVE-2022-23470 | 2022-12-06 | Arbitrary file access in the Galaxy data analysis platform |
| CVE-2022-34361 | 2022-12-06 | IBM Sterling Secure Proxy information disclosure |
| CVE-2022-23466 | 2022-12-06 | DOM-based cross-site scripting (XSS) in teler dashboard |
| CVE-2022-46154 | 2022-12-06 | Arbitrary file access in KodExplorer |
| CVE-2022-43867 | 2022-12-06 | IBM Spectrum Scale command execution |
| CVE-2022-46161 | 2022-12-06 | Code injection in pdfmake |
| CVE-2022-23475 | 2022-12-06 | dalorRadius full account take over |
| CVE-2022-46332 | 2022-12-06 | Proofpoint Enterprise Protection (PPS/PoD) XSS in "Attachment Names" |
| CVE-2022-46333 | 2022-12-06 | Proofpoint Enterprise Protection perl eval() arbitrary command execution |
| CVE-2022-45359 | 2022-12-06 | WordPress YITH WooCommerce Gift Cards Premium Plugin <= 3.19.0 is vulnerable to Arbitrary File Upload |
| CVE-2022-42888 | 2022-12-06 | WordPress ARMember Plugin <= 5.5.1 is vulnerable to Privilege Escalation |
| CVE-2022-45848 | 2022-12-06 | WordPress Contest Gallery Plugin <= 13.1.0.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45816 | 2022-12-06 | WordPress GD bbPress Attachments Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45833 | 2022-12-06 | WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Directory Traversal |
| CVE-2022-45829 | 2022-12-06 | WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Arbitrary File Deletion |
| CVE-2022-42699 | 2022-12-06 | WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Remote Code Execution (RCE) |
| CVE-2022-3643 | 2022-12-07 | Guests can trigger NIC interface reset/abort/crash via netback It is... |
| CVE-2022-45918 | 2022-12-07 | ILIAS before 7.16 allows External Control of File Name or... |
| CVE-2022-34840 | 2022-12-07 | Use of hard-coded credentials vulnerability in multiple Buffalo network devices... |
| CVE-2022-37406 | 2022-12-07 | Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior... |
| CVE-2022-39044 | 2022-12-07 | Hidden functionality vulnerability in multiple Buffalo network devices allows a... |
| CVE-2022-40966 | 2022-12-07 | Authentication bypass vulnerability in multiple Buffalo network devices allows a... |
| CVE-2022-41783 | 2022-12-07 | tdpServer of TP-Link RE300 V1 improperly processes its input, which... |
| CVE-2022-41994 | 2022-12-07 | Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions... |
| CVE-2022-42328 | 2022-12-07 | Guests can trigger deadlock in Linux netback driver T[his CNA... |
| CVE-2022-42329 | 2022-12-07 | Guests can trigger deadlock in Linux netback driver T[his CNA... |
| CVE-2022-42458 | 2022-12-07 | Authentication bypass using an alternate path or channel vulnerability in... |
| CVE-2022-42486 | 2022-12-07 | Stored cross-site scripting vulnerability in User group management of baserCMS... |
| CVE-2022-4261 | 2022-12-07 | Rapid7 Nexpose Update Validation Issue |
| CVE-2022-4322 | 2022-12-07 | maku-boot Scheduled Task AbstractScheduleJob.java doExecute injection |
| CVE-2022-4341 | 2022-12-07 | csliuwy coder-chain_gdut cross site scripting |
| CVE-2022-43464 | 2022-12-07 | Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier... |
| CVE-2022-43468 | 2022-12-07 | External initialization of trusted variables or data stores vulnerability exists... |
| CVE-2022-43508 | 2022-12-07 | Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which... |
| CVE-2022-43509 | 2022-12-07 | Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which... |
| CVE-2022-43660 | 2022-12-07 | Improper neutralization of Server-Side Includes (SSW) within a web page... |
| CVE-2022-43667 | 2022-12-07 | Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier,... |
| CVE-2022-43668 | 2022-12-07 | Typora versions prior to 1.4.4 fails to properly neutralize JavaScript... |
| CVE-2022-44153 | 2022-12-07 | Rapid Software LLC Rapid SCADA 5.8.4 is vulnerable to Cross... |
| CVE-2022-44351 | 2022-12-07 | Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via... |
| CVE-2022-44361 | 2022-12-07 | An issue was discovered in ZZCMS 2022. There is a... |
| CVE-2022-44371 | 2022-12-07 | hope-boot 1.0.0 has a deserialization vulnerability that can cause Remote... |
| CVE-2022-44373 | 2022-12-07 | A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader... |
| CVE-2022-44393 | 2022-12-07 | Sanitization Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-44606 | 2022-12-07 | OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and... |
| CVE-2022-44608 | 2022-12-07 | Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to... |
| CVE-2022-44620 | 2022-12-07 | Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier... |
| CVE-2022-44849 | 2022-12-07 | A Cross-Site Request Forgery (CSRF) in the Administrator List of... |
| CVE-2022-44942 | 2022-12-07 | Casdoor before v1.126.1 was discovered to contain an arbitrary file... |
| CVE-2022-45008 | 2022-12-07 | Online Leave Management System v1.0 was discovered to contain a... |
| CVE-2022-45009 | 2022-12-07 | Online Leave Management System v1.0 was discovered to contain an... |
| CVE-2022-45010 | 2022-12-07 | Simple Phone Book/Directory Web App v1.0 was discovered to contain... |
| CVE-2022-45025 | 2022-12-07 | Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom... |
| CVE-2022-45026 | 2022-12-07 | An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for... |
| CVE-2022-45113 | 2022-12-07 | Improper validation of syntactic correctness of input vulnerability exist in... |
| CVE-2022-45122 | 2022-12-07 | Cross-site scripting vulnerability in Movable Type Movable Type 7 r.5301... |