CVE List - 2022 / December

Showing 1301 - 1400 of 2356 CVEs for December 2022 (Page 14 of 24)

Back to List Previous Next

CVE ID	Date	Title
CVE-2022-44755	2022-12-17	HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView
CVE-2022-44750	2022-12-17	HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
CVE-2022-44752	2022-12-17	HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView
CVE-2022-44754	2022-12-17	HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
CVE-2022-38659	2022-12-17	HCL BigFix Platform is affected by insecure credential storage
CVE-2022-42453	2022-12-17	HCL BigFix Platform is affected by insufficient warnings
CVE-2021-4250	2022-12-18	cgriego active_attr Regex boolean_typecaster.rb call denial of service
CVE-2021-4257	2022-12-18	ctrlo lenio Task task.tt cross site scripting
CVE-2022-4597	2022-12-18	Shoplazza LifeStyle Create Product v2_products cross site scripting
CVE-2022-4603	2022-12-18	ppp pppdump pppdump.c dumpppp array index
CVE-2022-4604	2022-12-18	wp-english-wp-admin Plugin english-wp-admin.php register_endpoints cross-site request forgery
CVE-2022-4607	2022-12-18	3D City Database OGC Web Feature Service xml external entity reference
CVE-2020-36617	2022-12-18	ewxrjk sftpserver parse.c sftp_parse_path uninitialized pointer
CVE-2021-4247	2022-12-18	OWASP NodeGoat Query Parameter research.js denial of service
CVE-2021-4248	2022-12-18	kapetan dns Request.cs entropy
CVE-2021-4249	2022-12-18	xml-conduit DOCTYPE Entity Expansion Parse.hs infinite loop
CVE-2021-4251	2022-12-18	as include.cdn.php getFullURL cross site scripting
CVE-2021-4252	2022-12-18	WP-Ban ban-options.php toggle_checkbox cross site scripting
CVE-2021-4253	2022-12-18	ctrlo lenio Ticket Lenio.pm cross site scripting
CVE-2021-4254	2022-12-18	ctrlo lenio Notice main.tt cross site scripting
CVE-2021-4255	2022-12-18	ctrlo lenio contractor.tt cross site scripting
CVE-2021-4256	2022-12-18	ctrlo lenio index.tt cross site scripting
CVE-2022-4592	2022-12-18	luckyshot CRMx index.php commentdelete sql injection
CVE-2022-4593	2022-12-18	retra-system cross site scripting
CVE-2022-4594	2022-12-18	drogatkin TJWS2 WarRoller.java deployWar path traversal
CVE-2022-4595	2022-12-18	django-openipam exposed_hosts.html cross site scripting
CVE-2022-4596	2022-12-18	Shoplazza Add Blog Post cross site scripting
CVE-2022-4598	2022-12-18	Shoplazza LifeStyle Announcement cross site scripting
CVE-2022-4599	2022-12-18	Shoplazza LifeStyle Product cross site scripting
CVE-2022-4600	2022-12-18	Shoplazza LifeStyle Product Carousel cross site scripting
CVE-2022-4601	2022-12-18	Shoplazza LifeStyle Shipping/Member Discount/Icon cross site scripting
CVE-2022-4602	2022-12-18	Shoplazza LifeStyle Review Flow cross site scripting
CVE-2022-4605	2022-12-18	Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
CVE-2022-4606	2022-12-18	PHP Remote File Inclusion in flatpressblog/flatpress
CVE-2022-47514	2022-12-18	An XML external entity (XXE) injection vulnerability in XML-RPC.NET before...
CVE-2022-47515	2022-12-18	An issue was discovered in drachtio-server before 0.8.20. It allows...
CVE-2022-47516	2022-12-18	An issue was discovered in the libsofia-sip fork in drachtio-server...
CVE-2022-47517	2022-12-18	An issue was discovered in the libsofia-sip fork in drachtio-server...
CVE-2022-47518	2022-12-18	An issue was discovered in the Linux kernel before 6.0.11....
CVE-2022-47519	2022-12-18	An issue was discovered in the Linux kernel before 6.0.11....
CVE-2022-47520	2022-12-18	An issue was discovered in the Linux kernel before 6.0.11....
CVE-2022-47521	2022-12-18	An issue was discovered in the Linux kernel before 6.0.11....
CVE-2016-20018	2022-12-19	Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability...
CVE-2021-4259	2022-12-19	phpRedisAdmin login.inc.php authHttpDigest wrong operator in string comparison
CVE-2022-3775	2022-12-19	When rendering certain unicode sequences, grub2's font code doesn't proper...
CVE-2022-4611	2022-12-19	Click Studios Passwordstate hard-coded credentials
CVE-2020-36618	2022-12-19	Furqan node-whois index.coffee prototype pollution
CVE-2020-36619	2022-12-19	multimon-ng demod_flex.c add_ch format string
CVE-2021-33640	2022-12-19	After tar_close(), libtar.c releases the memory pointed to by pointer...
CVE-2021-4258	2022-12-19	whohas Package Information cleartext transmission
CVE-2021-4260	2022-12-19	oils-js Web.js redirect
CVE-2021-4261	2022-12-19	pacman-canvas db-handler.php addHighscore sql injection
CVE-2021-4262	2022-12-19	laravel-jqgrid EloquentRepositoryAbstract.php getRows sql injection
CVE-2022-31683	2022-12-19	Concourse (7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9)...
CVE-2022-3875	2022-12-19	Click Studios Passwordstate API authentication bypass by assumed-immutable data
CVE-2022-3876	2022-12-19	Click Studios Passwordstate API authorization
CVE-2022-3877	2022-12-19	Click Studios Passwordstate URL Field cross site scripting
CVE-2022-40434	2022-12-19	Softr v2.0 was discovered to be vulnerable to HTML injection...
CVE-2022-40435	2022-12-19	Employee Performance Evaluation System v1.0 was discovered to contain a...
CVE-2022-41418	2022-12-19	An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows...
CVE-2022-41993	2022-12-19	Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4...
CVE-2022-42945	2022-12-19	DWG TrueViewTM 2023 version has a DLL Search Order Hijacking...
CVE-2022-42946	2022-12-19	Parsing a maliciously crafted X_B and PRT file can force...
CVE-2022-42947	2022-12-19	A maliciously crafted X_B file when parsed through Autodesk Maya...
CVE-2022-43289	2022-12-19	Deark v.1.6.2 was discovered to contain a stack overflow via...
CVE-2022-43443	2022-12-19	OS command injection vulnerability in Buffalo network devices allows an...
CVE-2022-43466	2022-12-19	OS command injection vulnerability in Buffalo network devices allows a...
CVE-2022-43486	2022-12-19	Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent...
CVE-2022-44108	2022-12-19	pdftojson commit 94204bb was discovered to contain a stack overflow...
CVE-2022-44109	2022-12-19	pdftojson commit 94204bb was discovered to contain a stack overflow...
CVE-2022-44456	2022-12-19	CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated...
CVE-2022-44940	2022-12-19	Patchelf v0.9 was discovered to contain an out-of-bounds read via...
CVE-2022-45041	2022-12-19	SQL Injection exits in xinhu < 2.5.0
CVE-2022-4609	2022-12-19	Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2022-4610	2022-12-19	Click Studios Passwordstate risky encryption
CVE-2022-4612	2022-12-19	Click Studios Passwordstate insufficiently protected credentials
CVE-2022-4613	2022-12-19	Click Studios Passwordstate Browser Extension Provisioning improper authorization
CVE-2022-4614	2022-12-19	Cross-site Scripting (XSS) - Stored in alagrede/znote-app
CVE-2022-4615	2022-12-19	Cross-site Scripting (XSS) - Reflected in openemr/openemr
CVE-2022-46287	2022-12-19	Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4...
CVE-2022-46288	2022-12-19	Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4...
CVE-2022-46399	2022-12-19	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC...
CVE-2022-46400	2022-12-19	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC...
CVE-2022-46401	2022-12-19	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC...
CVE-2022-46402	2022-12-19	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC...
CVE-2022-46403	2022-12-19	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC...
CVE-2022-47547	2022-12-19	GossipSub 1.1, as used for Ethereum 2.0, allows a peer...
CVE-2022-47549	2022-12-19	An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable...
CVE-2022-47551	2022-12-19	Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions...
CVE-2022-4427	2022-12-19	SQL Injection via OTRS Search API
CVE-2022-27498	2022-12-19	A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality...
CVE-2022-28703	2022-12-19	A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages...
CVE-2022-29511	2022-12-19	A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality...
CVE-2022-29517	2022-12-19	A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality...
CVE-2022-32573	2022-12-19	A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality...
CVE-2022-32763	2022-12-19	A cross-site scripting (xss) sanitization vulnerability bypass exists in the...
CVE-2022-35694	2022-12-19	AEM Reflected XSS Arbitrary code execution
CVE-2022-35696	2022-12-19	AEM Reflected XSS Arbitrary code execution
CVE-2022-42343	2022-12-19	Adobe Campaign Classic Server-Side Request Forgery Arbitrary file system read
CVE-2022-42351	2022-12-19	AEM Incorrect Authorization Security feature bypass