CVE List - 2022 / December
Showing 1901 - 2000 of 2356 CVEs for December 2022 (Page 20 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-46171 | 2022-12-23 | Tauri vulnerable to path traversal |
| CVE-2022-23547 | 2022-12-23 | Heap buffer overflow in pjproject when decoding STUN message |
| CVE-2022-4698 | 2022-12-23 | The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2022-4697 | 2022-12-23 | The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2022-43381 | 2022-12-23 | IBM AIX denial of service |
| CVE-2022-43380 | 2022-12-23 | IBM AIX denial of service |
| CVE-2022-40233 | 2022-12-23 | IBM AIX denial of service |
| CVE-2022-39165 | 2022-12-23 | IBM AIX denial of service |
| CVE-2022-43848 | 2022-12-23 | IBM AIX denial of service |
| CVE-2022-43849 | 2022-12-23 | IBM AIX denial of service |
| CVE-2022-39164 | 2022-12-23 | IBM AIX denial of service |
| CVE-2022-41290 | 2022-12-23 | IBM AIX privilege escalation |
| CVE-2022-23854 | 2022-12-23 | AVEVA InTouch Access Anywhere versions 2020 R2 and older are... |
| CVE-2020-26302 | 2022-12-23 | is.js is a general-purpose check library. Versions 0.9.0 and prior... |
| CVE-2022-22184 | 2022-12-23 | Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute in version 22.3R1 |
| CVE-2022-25948 | 2022-12-23 | Information Exposure |
| CVE-2022-36354 | 2022-12-23 | A heap out-of-bounds read vulnerability exists in the RLA format... |
| CVE-2022-38143 | 2022-12-23 | A heap out-of-bounds write vulnerability exists in the way OpenImageIO... |
| CVE-2022-41639 | 2022-12-23 | A heap based buffer overflow vulnerability exists in tile decoding... |
| CVE-2022-41649 | 2022-12-23 | A heap out of bounds read vulnerability exists in the... |
| CVE-2022-41654 | 2022-12-23 | An authentication bypass vulnerability exists in the newsletter subscription functionality... |
| CVE-2022-41684 | 2022-12-23 | A heap out of bounds read vulnerability exists in the... |
| CVE-2022-41697 | 2022-12-23 | A user enumeration vulnerability exists in the login functionality of... |
| CVE-2022-41794 | 2022-12-23 | A heap based buffer overflow vulnerability exists in the PSD... |
| CVE-2022-41837 | 2022-12-23 | An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of... |
| CVE-2022-41838 | 2022-12-23 | A code execution vulnerability exists in the DDS scanline parsing... |
| CVE-2022-41977 | 2022-12-23 | An out of bounds read vulnerability exists in the way... |
| CVE-2022-41981 | 2022-12-23 | A stack-based buffer overflow vulnerability exists in the TGA file... |
| CVE-2022-41988 | 2022-12-23 | An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of... |
| CVE-2022-41999 | 2022-12-23 | A denial of service vulnerability exists in the DDS native... |
| CVE-2022-43592 | 2022-12-23 | An information disclosure vulnerability exists in the DPXOutput::close() functionality of... |
| CVE-2022-43593 | 2022-12-23 | A denial of service vulnerability exists in the DPXOutput::close() functionality... |
| CVE-2022-43594 | 2022-12-23 | Multiple denial of service vulnerabilities exist in the image output... |
| CVE-2022-43595 | 2022-12-23 | Multiple denial of service vulnerabilities exist in the image output... |
| CVE-2022-43596 | 2022-12-23 | An information disclosure vulnerability exists in the IFFOutput channel interleaving... |
| CVE-2022-43597 | 2022-12-23 | Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding... |
| CVE-2022-43598 | 2022-12-23 | Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding... |
| CVE-2022-43599 | 2022-12-23 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of... |
| CVE-2022-43600 | 2022-12-23 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of... |
| CVE-2022-43601 | 2022-12-23 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of... |
| CVE-2022-43602 | 2022-12-23 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of... |
| CVE-2022-43603 | 2022-12-23 | A denial of service vulnerability exists in the ZfileOutput::close() functionality... |
| CVE-2022-44510 | 2022-12-23 | AEM Reflected XSS Arbitrary code execution |
| CVE-2022-46175 | 2022-12-24 | JSON5 is an extension to the popular JSON file format... |
| CVE-2022-4725 | 2022-12-24 | AWS SDK XML Parser XpathUtils.java XpathUtils server-side request forgery |
| CVE-2020-36626 | 2022-12-24 | Modern Tribe Panel Builder Plugin SearchFilter.php add_post_content_filtered_to_search_sql sql injection |
| CVE-2022-4726 | 2022-12-24 | SourceCodester Sanitization Management System Admin Login sql injection |
| CVE-2022-4727 | 2022-12-24 | OpenMRS Appointment Scheduling Module Notes AppointmentRequest.java getNotes cross site scripting |
| CVE-2022-4728 | 2022-12-24 | Graphite Web Cookie cross site scripting |
| CVE-2022-4729 | 2022-12-24 | Graphite Web Template Name cross site scripting |
| CVE-2022-4730 | 2022-12-24 | Graphite Web Absolute Time Range cross site scripting |
| CVE-2022-4732 | 2022-12-24 | Unrestricted Upload of File with Dangerous Type in microweber/microweber |
| CVE-2022-4733 | 2022-12-24 | Cross-site Scripting (XSS) - Stored in openemr/openemr |
| CVE-2022-47932 | 2022-12-24 | Brave Browser before 1.43.34 allowed a remote attacker to cause... |
| CVE-2022-47933 | 2022-12-24 | Brave Browser before 1.42.51 allowed a remote attacker to cause... |
| CVE-2022-47934 | 2022-12-24 | Brave Browser before 1.43.88 allowed a remote attacker to cause... |
| CVE-2022-47949 | 2022-12-24 | The Nintendo NetworkBuffer class, as used in Animal Crossing: New... |
| CVE-2021-4276 | 2022-12-25 | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in... |
| CVE-2022-37706 | 2022-12-25 | enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain... |
| CVE-2022-40005 | 2022-12-25 | Intelbras WiFiber 120AC inMesh before 1-1-220826 allows command injection by... |
| CVE-2022-41317 | 2022-12-25 | An issue was discovered in Squid 4.9 through 4.17 and... |
| CVE-2022-41318 | 2022-12-25 | A buffer over-read was discovered in libntlmauth in Squid 2.5... |
| CVE-2022-42898 | 2022-12-25 | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4... |
| CVE-2022-42953 | 2022-12-25 | Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to... |
| CVE-2022-44012 | 2022-12-25 | An issue was discovered in /DS/LM_API/api/SelectionService/InsertQueryWithActiveRelationsReturnId in Simmeth Lieferantenmanager before... |
| CVE-2022-44013 | 2022-12-25 | An issue was discovered in Simmeth Lieferantenmanager before 5.6. An... |
| CVE-2022-44014 | 2022-12-25 | An issue was discovered in Simmeth Lieferantenmanager before 5.6. In... |
| CVE-2022-44015 | 2022-12-25 | An issue was discovered in Simmeth Lieferantenmanager before 5.6. An... |
| CVE-2022-44016 | 2022-12-25 | An issue was discovered in Simmeth Lieferantenmanager before 5.6. An... |
| CVE-2022-44017 | 2022-12-25 | An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due... |
| CVE-2022-44380 | 2022-12-25 | Snipe-IT before 6.0.14 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2022-44381 | 2022-12-25 | Snipe-IT through 6.0.14 allows attackers to check whether a user... |
| CVE-2022-44640 | 2022-12-25 | Heimdal before 7.7.1 allows remote attackers to execute arbitrary code... |
| CVE-2022-45197 | 2022-12-25 | Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream,... |
| CVE-2022-45889 | 2022-12-25 | Planet eStream before 6.72.10.07 allows a remote attacker (who is... |
| CVE-2022-45890 | 2022-12-25 | In Planet eStream before 6.72.10.07, a Reflected Cross-Site Scripting (XSS)... |
| CVE-2022-45891 | 2022-12-25 | Planet eStream before 6.72.10.07 allows attackers to call restricted functions,... |
| CVE-2022-45892 | 2022-12-25 | In Planet eStream before 6.72.10.07, multiple Stored Cross-Site Scripting (XSS)... |
| CVE-2022-45893 | 2022-12-25 | Planet eStream before 6.72.10.07 allows a low-privileged user to gain... |
| CVE-2022-45894 | 2022-12-25 | GetFile.aspx in Planet eStream before 6.72.10.07 allows ..\ directory traversal... |
| CVE-2022-45895 | 2022-12-25 | Planet eStream before 6.72.10.07 discloses sensitive information, related to the... |
| CVE-2022-45896 | 2022-12-25 | Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files:... |
| CVE-2022-4734 | 2022-12-25 | Improper Removal of Sensitive Information Before Storage or Transfer in usememos/memos |
| CVE-2020-36627 | 2022-12-25 | Macaron i18n i18n.go redirect |
| CVE-2020-36628 | 2022-12-25 | Calsign APDE ZIP File CopyBuildTask.java handleExtract path traversal |
| CVE-2020-36629 | 2022-12-25 | SimbCo httpster server.coffee fs.realpathSync path traversal |
| CVE-2021-4277 | 2022-12-25 | fredsmith utils Filename screenshot_sync predictable state |
| CVE-2022-4731 | 2022-12-25 | myapnea Title cross site scripting |
| CVE-2021-4278 | 2022-12-25 | cronvel tree-kit prototype pollution |
| CVE-2022-4735 | 2022-12-25 | asrashley dash-live DOM Node media.js ready cross site scripting |
| CVE-2019-25084 | 2022-12-25 | Hide Files on GitHub options.js addEventListener cross site scripting |
| CVE-2022-4736 | 2022-12-25 | Venganzas del Pasado cross site scripting |
| CVE-2020-36630 | 2022-12-25 | FreePBX cdr Cdr.class.php ajaxHandler sql injection |
| CVE-2020-36631 | 2022-12-25 | barronwaffles dwc_network_server_emulator gs_database.py update_profile sql injection |
| CVE-2022-4737 | 2022-12-25 | SourceCodester Blood Bank Management System login.php sql injection |
| CVE-2022-4738 | 2022-12-25 | SourceCodester Blood Bank Management System User Registration cross site scripting |
| CVE-2022-4739 | 2022-12-25 | SourceCodester School Dormitory Management System Admin Login sql injection |
| CVE-2022-4740 | 2022-12-25 | kkFileView picturesPreview setWatermarkAttribute cross site scripting |
| CVE-2020-36632 | 2022-12-25 | hughsk flat index.js unflatten prototype pollution |
| CVE-2021-4279 | 2022-12-25 | Starcounter-Jack JSON-Patch prototype pollution |