CVE List - 2022 / January
Showing 601 - 700 of 1988 CVEs for January 2022 (Page 7 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-42562 | 2022-01-12 | An issue was discovered in CALDERA 2.8.1. It does not... |
| CVE-2021-42561 | 2022-01-12 | An issue was discovered in CALDERA 2.8.1. When activated, the... |
| CVE-2021-42560 | 2022-01-12 | An issue was discovered in CALDERA 2.9.0. The Debrief plugin... |
| CVE-2022-20612 | 2022-01-12 | A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and... |
| CVE-2022-20615 | 2022-01-12 | Jenkins Matrix Project Plugin 1.19 and earlier does not escape... |
| CVE-2022-20616 | 2022-01-12 | Jenkins Credentials Binding Plugin 1.27 and earlier does not perform... |
| CVE-2022-20617 | 2022-01-12 | Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize... |
| CVE-2022-20618 | 2022-01-12 | A missing permission check in Jenkins Bitbucket Branch Source Plugin... |
| CVE-2022-20619 | 2022-01-12 | A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch... |
| CVE-2022-20620 | 2022-01-12 | Missing permission checks in Jenkins SSH Agent Plugin 1.23 and... |
| CVE-2022-20621 | 2022-01-12 | Jenkins Metrics Plugin 4.0.2.8 and earlier stores an access key... |
| CVE-2022-23105 | 2022-01-12 | Jenkins Active Directory Plugin 2.25 and earlier does not encrypt... |
| CVE-2022-23107 | 2022-01-12 | Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not... |
| CVE-2022-23108 | 2022-01-12 | Jenkins Badge Plugin 1.9 and earlier does not escape the... |
| CVE-2022-23109 | 2022-01-12 | Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask... |
| CVE-2022-23110 | 2022-01-12 | Jenkins Publish Over SSH Plugin 1.22 and earlier does not... |
| CVE-2022-23111 | 2022-01-12 | A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over... |
| CVE-2022-23112 | 2022-01-12 | A missing permission check in Jenkins Publish Over SSH Plugin... |
| CVE-2022-23113 | 2022-01-12 | Jenkins Publish Over SSH Plugin 1.22 and earlier performs a... |
| CVE-2022-23114 | 2022-01-12 | Jenkins Publish Over SSH Plugin 1.22 and earlier stores password... |
| CVE-2022-23115 | 2022-01-12 | Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin... |
| CVE-2022-23116 | 2022-01-12 | Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that... |
| CVE-2022-23117 | 2022-01-12 | Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that... |
| CVE-2022-23118 | 2022-01-12 | Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality... |
| CVE-2021-42558 | 2022-01-12 | An issue was discovered in CALDERA 2.8.1. It contains multiple... |
| CVE-2021-42559 | 2022-01-12 | An issue was discovered in CALDERA 2.8.1. It contains multiple... |
| CVE-2021-41597 | 2022-01-12 | SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote... |
| CVE-2021-45449 | 2022-01-12 | Docker Desktop version 4.3.0 and 4.3.1 has a bug that... |
| CVE-2021-46225 | 2022-01-12 | A buffer overflow in the GmfOpenMesh() function of libMeshb v7.61... |
| CVE-2021-37529 | 2022-01-12 | A double-free vulnerability exists in fig2dev through 3.28a is affected... |
| CVE-2021-37530 | 2022-01-12 | A denial of service vulnerabiity exists in fig2dev through 3.28a... |
| CVE-2021-40567 | 2022-01-13 | Segmentation fault vulnerability exists in Gpac through 1.0.1 via the... |
| CVE-2021-40568 | 2022-01-13 | A buffer overflow vulnerability exists in Gpac through 1.0.1 via... |
| CVE-2021-40569 | 2022-01-13 | The binary MP4Box in Gpac through 1.0.1 has a double-free... |
| CVE-2021-40570 | 2022-01-13 | The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability... |
| CVE-2021-40571 | 2022-01-13 | The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability... |
| CVE-2021-40572 | 2022-01-13 | The binary MP4Box in Gpac 1.0.1 has a double-free bug... |
| CVE-2021-40575 | 2022-01-13 | The binary MP4Box in Gpac 1.0.1 has a null pointer... |
| CVE-2021-40576 | 2022-01-13 | The binary MP4Box in Gpac 1.0.1 has a null pointer... |
| CVE-2021-45760 | 2022-01-13 | GPAC v1.1.0 was discovered to contain an invalid memory address... |
| CVE-2022-21682 | 2022-01-13 | flatpak-builder can access files outside the build directory. |
| CVE-2021-40574 | 2022-01-13 | The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has... |
| CVE-2022-0197 | 2022-01-13 | Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite |
| CVE-2022-0196 | 2022-01-13 | Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite |
| CVE-2022-0198 | 2022-01-13 | Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp |
| CVE-2022-22112 | 2022-01-13 | DayByDay CRM - Application-Wide Client-Side Template Injection (CSTI) |
| CVE-2022-22113 | 2022-01-13 | DayByDay CRM - Insufficient Session Expiration after Password Change |
| CVE-2021-30285 | 2022-01-13 | Improper validation of memory region in Hypervisor can lead to... |
| CVE-2021-30287 | 2022-01-13 | Possible assertion due to improper validation of symbols configured for... |
| CVE-2021-30300 | 2022-01-13 | Possible denial of service due to incorrectly decoding hex data... |
| CVE-2021-30301 | 2022-01-13 | Possible denial of service due to out of memory while... |
| CVE-2021-30307 | 2022-01-13 | Possible denial of service due to improper validation of DNS... |
| CVE-2021-30308 | 2022-01-13 | Possible buffer overflow while printing the HARQ memory partition detail... |
| CVE-2021-30311 | 2022-01-13 | Possible heap overflow due to lack of index validation before... |
| CVE-2021-30313 | 2022-01-13 | Use after free condition can occur in wired connectivity due... |
| CVE-2021-30314 | 2022-01-13 | Lack of validation for third party application accessing the service... |
| CVE-2021-30319 | 2022-01-13 | Possible integer overflow due to improper validation of command length... |
| CVE-2021-30330 | 2022-01-13 | Possible null pointer dereference due to improper validation of APE... |
| CVE-2021-30353 | 2022-01-13 | Improper validation of function pointer type with actual function signature... |
| CVE-2021-45806 | 2022-01-13 | jpress v4.2.0 admin panel provides a function through which attackers... |
| CVE-2021-23514 | 2022-01-13 | Path Traversal |
| CVE-2021-23824 | 2022-01-13 | Content Injection |
| CVE-2021-40327 | 2022-01-13 | Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has... |
| CVE-2022-23131 | 2022-01-13 | Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML |
| CVE-2022-23132 | 2022-01-13 | Incorrect permissions of [/var/run/zabbix] forces dac_override |
| CVE-2022-23133 | 2022-01-13 | Stored XSS in host groups configuration window in Zabbix Frontend |
| CVE-2022-23134 | 2022-01-13 | Possible view of the setup pages by unauthenticated users if config file already exists |
| CVE-2022-22123 | 2022-01-13 | Halo CMS - Stored Cross-Site Scripting (XSS) in Article's Title |
| CVE-2022-22124 | 2022-01-13 | Halo CMS - Stored Cross-Site Scripting (XSS) in Profile Image |
| CVE-2022-22125 | 2022-01-13 | Halo CMS - Stored Cross-Site Scripting (XSS) in Article's Tag |
| CVE-2022-21678 | 2022-01-13 | User's bio visible even if profile is restricted in Discourse |
| CVE-2021-40813 | 2022-01-13 | A cross-site scripting (XSS) vulnerability in the "Zip content" feature... |
| CVE-2021-39056 | 2022-01-13 | The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic... |
| CVE-2021-40573 | 2022-01-13 | The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability... |
| CVE-2021-45422 | 2022-01-13 | Reprise License Manager 14.2 is affected by a reflected cross-site... |
| CVE-2021-45807 | 2022-01-13 | jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadAndInstall. |
| CVE-2021-33046 | 2022-01-13 | Some Dahua products have access control vulnerability in the password... |
| CVE-2021-43762 | 2022-01-13 | Adobe Experience Manager Unicode normalization leads to dispatcher bypass |
| CVE-2021-44178 | 2022-01-13 | Adobe Experience Manager Reflected XSS in /bin/wcm/contentfinder/page/view.html |
| CVE-2021-43765 | 2022-01-13 | Adobe Experience Manager Stored XSS in the Carousel Set |
| CVE-2021-40722 | 2022-01-13 | AEM Forms Improper Restriction of XML External Entity Reference |
| CVE-2021-44177 | 2022-01-13 | Adobe Experience Manager Stored XSS in user name parameter in the package manager |
| CVE-2021-43761 | 2022-01-13 | Adobe Experience Manager Stored XSS on Edit Tag page via Localization input |
| CVE-2021-44176 | 2022-01-13 | Adobe Experience Manager Stored XSS in workflow Stages parameter |
| CVE-2021-43764 | 2022-01-13 | Adobe Experience Manager Stored XSS in the Spin Set |
| CVE-2022-22989 | 2022-01-13 | Pre-authenticated stack overflow vulnerability on FTP Service |
| CVE-2022-22991 | 2022-01-13 | Command injection through unsecured HTTP calls on Western Digital My Cloud devices |
| CVE-2022-22990 | 2022-01-13 | Limited authentication bypass vulnerability on Western Digital My Cloud devices |
| CVE-2022-22988 | 2022-01-13 | Insecure file and directory permissions on EdgeRover |
| CVE-2021-23227 | 2022-01-13 | WordPress PHP Everywhere Plugin <= 2.0.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2021-45054 | 2022-01-13 | Adobe InCopy JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2021-45053 | 2022-01-13 | Adobe InCopy JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2021-45056 | 2022-01-13 | Adobe InCopy JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2021-45055 | 2022-01-13 | Adobe InCopy TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2021-45058 | 2022-01-13 | Adobe InDesign JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2021-45057 | 2022-01-13 | Adobe InDesign JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2021-45059 | 2022-01-13 | Adobe InDesign JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2022-21684 | 2022-01-13 | User can bypass approval when invited to Discourse |
| CVE-2021-34858 | 2022-01-13 | This vulnerability allows remote attackers to execute arbitrary code on... |
| CVE-2021-34871 | 2022-01-13 | This vulnerability allows remote attackers to execute arbitrary code on... |