CVE List - 2022 / December
Showing 501 - 600 of 2356 CVEs for December 2022 (Page 6 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-45509 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45510 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45511 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45512 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45513 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45514 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45515 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45516 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45517 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45518 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45519 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45520 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45521 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45522 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45523 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45524 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-45525 | 2022-12-08 | Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow... |
| CVE-2022-46792 | 2022-12-08 | Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the... |
| CVE-2022-23492 | 2022-12-08 | go-libp2p denial of service vulnerability from lack of resource management |
| CVE-2022-23476 | 2022-12-08 | Unchecked return value from xmlTextReaderExpand in Nokogiri |
| CVE-2022-20968 | 2022-12-08 | A vulnerability in the Cisco Discovery Protocol processing feature of... |
| CVE-2022-46824 | 2022-12-08 | In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in... |
| CVE-2022-46825 | 2022-12-08 | In JetBrains IntelliJ IDEA before 2022.3 the built-in web server... |
| CVE-2022-46826 | 2022-12-08 | In JetBrains IntelliJ IDEA before 2022.3 the built-in web server... |
| CVE-2022-46827 | 2022-12-08 | In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading... |
| CVE-2022-46828 | 2022-12-08 | In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on... |
| CVE-2022-46829 | 2022-12-08 | In JetBrains JetBrains Gateway before 2022.3 a client could connect... |
| CVE-2022-46830 | 2022-12-08 | In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS... |
| CVE-2022-46831 | 2022-12-08 | In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS... |
| CVE-2022-41717 | 2022-12-08 | Excessive memory growth in net/http and golang.org/x/net/http2 |
| CVE-2022-23496 | 2022-12-08 | A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa |
| CVE-2022-23495 | 2022-12-08 | ProtoNode may be modified such that common method calls may panic in ipfs/go-merkledag |
| CVE-2022-23494 | 2022-12-08 | Cross-site scripting vulnerability in TinyMCE alerts |
| CVE-2022-23469 | 2022-12-08 | Authorization header displayed in the debug logs |
| CVE-2022-46153 | 2022-12-08 | Routes exposed with an empty TLSOption in traefik |
| CVE-2022-46158 | 2022-12-08 | Potential Information exposure in the upload directory in PrestaShop |
| CVE-2022-41949 | 2022-12-08 | Semi-blind Server-Side Request Forgery in dhis2-core |
| CVE-2022-41948 | 2022-12-08 | Privilege Chaining with the user admin role in dhis2-core |
| CVE-2022-41947 | 2022-12-08 | Cross-site Scripting with user-uploaded files in dhis2-core |
| CVE-2022-25629 | 2022-12-09 | An authenticated user who has the privilege to add/edit annotations... |
| CVE-2022-25630 | 2022-12-09 | An authenticated user can embed malicious content with XSS into... |
| CVE-2022-29838 | 2022-12-09 | Authentication issue with the encrypted volumes and auto mount feature in My Cloud devices |
| CVE-2022-29839 | 2022-12-09 | Remote Backups Application Discloses Stored Credentials |
| CVE-2022-3259 | 2022-12-09 | Openshift 4.9 does not use HTTP Strict Transport Security (HSTS)... |
| CVE-2022-34297 | 2022-12-09 | Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting... |
| CVE-2022-3724 | 2022-12-09 | Crash in the USB HID protocol dissector in Wireshark 3.6.0... |
| CVE-2022-4170 | 2022-12-09 | The rxvt-unicode package is vulnerable to a remote code execution,... |
| CVE-2022-4336 | 2022-12-09 | In BAOTA linux panel there exists a stored xss vulnerability... |
| CVE-2022-4375 | 2022-12-09 | Mingsoft MCMS list sql injection |
| CVE-2022-4377 | 2022-12-09 | S-CMS Contact Information Page cross site scripting |
| CVE-2022-4390 | 2022-12-09 | A network misconfiguration is present in versions prior to 1.0.9.90... |
| CVE-2022-44213 | 2022-12-09 | ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable... |
| CVE-2022-44790 | 2022-12-09 | Interspire Email Marketer through 6.5.1 allows SQL Injection via the... |
| CVE-2022-44838 | 2022-12-09 | Automotive Shop Management System v1.0 was discovered to contain a... |
| CVE-2022-45290 | 2022-12-09 | Kbase Doc v1.0 was discovered to contain an arbitrary file... |
| CVE-2022-45292 | 2022-12-09 | User invites for Funkwhale v1.2.8 do not permanently expire after... |
| CVE-2022-33187 | 2022-12-09 | Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs |
| CVE-2022-2752 | 2022-12-09 | Potential vulnerabilities in GM login process |
| CVE-2022-4264 | 2022-12-09 | Incorrect privilege assignment in M-Files Web Server |
| CVE-2022-23493 | 2022-12-09 | Out of Bound Read in xrdp |
| CVE-2022-23468 | 2022-12-09 | Buffer Overflow in xrdp |
| CVE-2022-23478 | 2022-12-09 | Out of Bound Write in xrdp |
| CVE-2022-23479 | 2022-12-09 | Buffer Overflow occurs in xrdp |
| CVE-2022-23480 | 2022-12-09 | Buffer Overflow in xrdp |
| CVE-2022-23481 | 2022-12-09 | Out-of-Bound Read in xrdp |
| CVE-2022-23482 | 2022-12-09 | Out-of-Bound Read in xrdp |
| CVE-2022-23483 | 2022-12-09 | Out-of-Bound Read in libxrdp |
| CVE-2022-23484 | 2022-12-09 | Integer Overflow in xrdp |
| CVE-2022-23477 | 2022-12-09 | Buffer Overflow in xrdp |
| CVE-2022-41299 | 2022-12-09 | IBM Cloud Transformation Advisor cross-site scripting |
| CVE-2022-46166 | 2022-12-09 | Spring Boot Admins integrated notifier support allows arbitrary code execution |
| CVE-2022-46157 | 2022-12-09 | Remote php code execution in Akeneo PIM |
| CVE-2022-23510 | 2022-12-09 | SQl injection in cube-js |
| CVE-2022-23497 | 2022-12-09 | Insecure file access in FreshRSS |
| CVE-2022-4396 | 2022-12-10 | RDFlib pyrdfa3 __init__.py _get_option cross site scripting |
| CVE-2022-4397 | 2022-12-10 | morontt zend-blog-number-2 Comment Comment.php cross-site request forgery |
| CVE-2022-4398 | 2022-12-10 | Integer Overflow or Wraparound in radareorg/radare2 |
| CVE-2022-4399 | 2022-12-10 | TicklishHoneyBee nodau db.c sql injection |
| CVE-2022-45145 | 2022-12-10 | egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command... |
| CVE-2022-23485 | 2022-12-10 | Invite code reuse via cookie manipulation in sentry |
| CVE-2022-4401 | 2022-12-11 | pallidlight online-course-selection-system cross site scripting |
| CVE-2022-4400 | 2022-12-11 | zbl1996 FS-Blog Title cross site scripting |
| CVE-2022-4402 | 2022-12-11 | RainyGao DocSys ZIP File Decompression path traversal |
| CVE-2022-4403 | 2022-12-11 | SourceCodester Canteen Management System ajax_represent.php sql injection |
| CVE-2022-4407 | 2022-12-11 | Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq |
| CVE-2022-4408 | 2022-12-11 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq |
| CVE-2022-4409 | 2022-12-11 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq |
| CVE-2022-4413 | 2022-12-11 | Cross-site Scripting (XSS) - Reflected in nuxt/framework |
| CVE-2022-4414 | 2022-12-11 | Cross-site Scripting (XSS) - DOM in nuxt/framework |
| CVE-2022-42716 | 2022-12-12 | An issue was discovered in the Arm Mali GPU Kernel... |
| CVE-2021-41943 | 2022-12-12 | Logrhythm Web Console 7.4.9 allows for HTML tag injection through... |
| CVE-2021-4244 | 2022-12-12 | yikes-inc-easy-mailchimp-extender Plugin add_field_to_form.php cross site scripting |
| CVE-2022-23511 | 2022-12-12 | A privilege escalation issue exists within the Amazon CloudWatch Agent... |
| CVE-2022-25836 | 2022-12-12 | Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through... |
| CVE-2022-25837 | 2022-12-12 | Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may... |
| CVE-2022-41881 | 2022-12-12 | Netty project is an event-driven asynchronous network application framework. In... |
| CVE-2022-44031 | 2022-12-12 | Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS... |
| CVE-2022-4416 | 2022-12-12 | RainyGao DocSys getReposAllUsers.do getReposAllUsers sql injection |
| CVE-2022-4421 | 2022-12-12 | rAthena FluxCP Service Desk Image URL view.php cross site scripting |
| CVE-2022-44637 | 2022-12-12 | Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS... |