CVE List - 2022 / February
Showing 1 - 100 of 1942 CVEs for February 2022 (Page 1 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-25097 | 2022-02-01 | LabTools <= 1.0 - Subscriber+ Arbitrary Publication Deletion |
| CVE-2022-0417 | 2022-02-01 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-24196 | 2022-02-01 | iText v7.1.17, up to (exluding)": 7.1.18 and 7.2.2 was discovered... |
| CVE-2022-24197 | 2022-02-01 | iText v7.1.17 was discovered to contain a stack-based buffer overflow... |
| CVE-2022-24198 | 2022-02-01 | iText v7.1.17 was discovered to contain an out-of-bounds exception via... |
| CVE-2021-46669 | 2022-02-01 | MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free... |
| CVE-2021-46668 | 2022-02-01 | MariaDB through 10.5.9 allows an application crash via certain long... |
| CVE-2021-46667 | 2022-02-01 | MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to... |
| CVE-2021-46666 | 2022-02-01 | MariaDB before 10.6.2 allows an application crash because of mishandling... |
| CVE-2021-46665 | 2022-02-01 | MariaDB through 10.5.9 allows a sql_parse.cc application crash because of... |
| CVE-2021-46664 | 2022-02-01 | MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for... |
| CVE-2021-46663 | 2022-02-01 | MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain... |
| CVE-2021-46662 | 2022-02-01 | MariaDB through 10.5.9 allows a set_var.cc application crash via certain... |
| CVE-2021-46661 | 2022-02-01 | MariaDB through 10.5.9 allows an application crash in find_field_in_tables and... |
| CVE-2022-23774 | 2022-02-01 | Docker Desktop before 4.4.4 on Windows allows attackers to move... |
| CVE-2020-8562 | 2022-02-01 | Bypass of Kubernetes API Server proxy TOCTOU |
| CVE-2022-0419 | 2022-02-01 | NULL Pointer Dereference in radareorg/radare2 |
| CVE-2022-23603 | 2022-02-01 | Code injection in iTunesRPC-Remastered |
| CVE-2022-23602 | 2022-02-01 | Nim's rst parser sandboxed mode allows include which can embed any local file |
| CVE-2022-23607 | 2022-02-01 | Unsafe handling of user-specified cookies in treq |
| CVE-2021-41040 | 2022-02-01 | In Eclipse Wakaama, ever since its inception until 2021-01-14, the... |
| CVE-2022-23597 | 2022-02-01 | Remote program execution with user interaction |
| CVE-2022-23596 | 2022-02-01 | Infinite loop in junrar |
| CVE-2022-21687 | 2022-02-01 | Command injection in gh-ost |
| CVE-2021-43859 | 2022-02-01 | Denial of Service by injecting highly recursive collections or maps in XStream |
| CVE-2021-43848 | 2022-02-01 | Unititialized memory access in h2o |
| CVE-2022-23601 | 2022-02-01 | CSRF token missing in Symfony |
| CVE-2021-24648 | 2022-02-01 | Registration Magic < 5.0.1.9 - Reflected Cross-Site Scripting |
| CVE-2021-24686 | 2022-02-01 | SVG Support < 2.3.20 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24707 | 2022-02-01 | Learning Courses < 5.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24761 | 2022-02-01 | Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF |
| CVE-2021-24762 | 2022-02-01 | Perfect Survey < 1.5.2 - Unauthenticated SQL Injection |
| CVE-2021-24763 | 2022-02-01 | Perfect Survey < 1.5.2 - Unauthorised AJAX Call to Stored XSS / Survey Settings Update |
| CVE-2021-24764 | 2022-02-01 | Perfect Survey < 1.5.2 - Reflected Cross-Site Scripting |
| CVE-2021-24765 | 2022-02-01 | Perfect Survey < 1.5.2 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2021-24775 | 2022-02-01 | Document Embedder < 1.7.5 - Unauthenticated Arbitrary Private/Draft Post Title Disclosure |
| CVE-2021-24814 | 2022-02-01 | WordPress GDPR & CCPA < 1.9.26 - Authenticated Reflected Cross-Site Scripting |
| CVE-2021-24868 | 2022-02-01 | Document Embedder < 1.7.9 - Subscriber+ Arbitrary Private/Draft Post Title Disclosure |
| CVE-2021-24900 | 2022-02-01 | Ninja Tables < 4.1.8 - Admin+ Stored Cross-Site Cross-Site Scripting |
| CVE-2021-24919 | 2022-02-01 | Wicked Folders < 2.18.10 - Subscriber+ SQL Injection |
| CVE-2021-24926 | 2022-02-01 | Domain Check < 1.0.17 - Reflected Cross-Site Scripting |
| CVE-2021-24934 | 2022-02-01 | Visual CSS Style Editor < 7.5.4 - Reflected Cross-Site Scripting |
| CVE-2021-24937 | 2022-02-01 | Asset CleanUp < 1.3.8.5 - Reflected Cross-Site Scripting |
| CVE-2021-24944 | 2022-02-01 | Custom Dashboard & Login Page < 7.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24975 | 2022-02-01 | NextScripts: Social Networks Auto-Poster < 4.3.24 - Unauthenticated Stored XSS |
| CVE-2021-24983 | 2022-02-01 | Asset CleanUp < 1.3.8.5 - Reflected Cross-Site Scripting via AJAX Action |
| CVE-2021-25063 | 2022-02-01 | Contact Form 7 Skins < 2.5.1 - Reflected Cross-Site Scripting (XSS) |
| CVE-2021-25072 | 2022-02-01 | NextScripts: Social Networks Auto-Poster < 4.3.25 - Arbitrary Post Deletion via CSRF |
| CVE-2021-25085 | 2022-02-01 | WOOF - Products Filter for WooCommerce < 1.2.6.3 - Reflected Cross-Site Scripting |
| CVE-2021-25089 | 2022-02-01 | UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting |
| CVE-2021-25091 | 2022-02-01 | Link Library < 7.2.9 - Reflected Cross-Site Scripting |
| CVE-2021-25092 | 2022-02-01 | Link Library < 7.2.8 - Library Settings Reset via CSRF |
| CVE-2021-25093 | 2022-02-01 | Link Library < 7.2.8 - Unauthenticated Arbitrary Links Deletion |
| CVE-2022-0220 | 2022-02-01 | WordPress GDPR & CCPA < 1.9.27 - Unauthenticated Reflected Cross-Site Scripting |
| CVE-2022-0320 | 2022-02-01 | Essential Addons for Elementor < 5.0.5 - Unauthenticated LFI |
| CVE-2022-0401 | 2022-02-01 | Path Traversal in yuda-lyu/w-zip |
| CVE-2021-41571 | 2022-02-01 | Pulsar Admin API allows access to data from other tenants using getMessageById API |
| CVE-2021-45416 | 2022-02-01 | Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers... |
| CVE-2021-46253 | 2022-02-01 | A cross-site scripting (XSS) vulnerability in the Create Post function... |
| CVE-2021-43509 | 2022-02-01 | SQL Injection vulnerability exists in Sourcecodester Simple Client Management System... |
| CVE-2021-43510 | 2022-02-01 | SQL Injection vulnerability exists in Sourcecodester Simple Client Management System... |
| CVE-2021-44451 | 2022-02-01 | API sensitive information leak |
| CVE-2021-44746 | 2022-02-01 | UNIVERGE DT 820 V3.2.7.0 and prior, UNIVERGE DT 830 V5.2.7.0... |
| CVE-2021-38560 | 2022-02-01 | Ivanti Service Manager 2021.1 allows reflected XSS via the appName... |
| CVE-2021-46093 | 2022-02-01 | eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php. |
| CVE-2022-24218 | 2022-02-01 | An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to... |
| CVE-2022-24219 | 2022-02-01 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-24221 | 2022-02-01 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-24222 | 2022-02-01 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-24223 | 2022-02-01 | AtomCMS v2.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-24220 | 2022-02-01 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2021-42638 | 2022-02-01 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not... |
| CVE-2022-0443 | 2022-02-02 | Use After Free in vim/vim |
| CVE-2022-24301 | 2022-02-02 | In Minetest before 5.4.0, players can add or subtract items... |
| CVE-2022-24300 | 2022-02-02 | Minetest before 5.4.0 allows attackers to add or modify arbitrary... |
| CVE-2021-42753 | 2022-02-02 | An improper limitation of a pathname to a restricted directory... |
| CVE-2021-36177 | 2022-02-02 | An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service... |
| CVE-2021-41016 | 2022-02-02 | A improper neutralization of special elements used in a command... |
| CVE-2021-43073 | 2022-02-02 | A improper neutralization of special elements used in an os... |
| CVE-2021-43062 | 2022-02-02 | A improper neutralization of input during web page generation ('cross-site... |
| CVE-2021-36193 | 2022-02-02 | Multiple stack-based buffer overflows in the command line interpreter of... |
| CVE-2021-41018 | 2022-02-02 | A improper neutralization of special elements used in an os... |
| CVE-2022-0366 | 2022-02-02 | An authenticated and authorized agent user could potentially gain administrative... |
| CVE-2022-21724 | 2022-02-02 | Unchecked Class Instantiation when providing Plugin Classes |
| CVE-2020-26208 | 2022-02-02 | Heap-buffer-overflow in jhead |
| CVE-2021-24043 | 2022-02-02 | A missing bound check in RTCP flag parsing code prior... |
| CVE-2021-39044 | 2022-02-02 | IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request... |
| CVE-2021-39066 | 2022-02-02 | IBM Financial Transaction Manager 3.2.4 does not invalidate session any... |
| CVE-2021-39070 | 2022-02-02 | IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the... |
| CVE-2022-21817 | 2022-02-02 | NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability... |
| CVE-2022-22509 | 2022-02-02 | PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment |
| CVE-2022-22510 | 2022-02-02 | CODESYS: Null Pointer Dereference in CODESYS PROFINET stack |
| CVE-2021-42633 | 2022-02-02 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable... |
| CVE-2021-42637 | 2022-02-02 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled... |
| CVE-2021-42639 | 2022-02-02 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable... |
| CVE-2021-42640 | 2022-02-02 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable... |
| CVE-2021-42641 | 2022-02-02 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable... |
| CVE-2021-42642 | 2022-02-02 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable... |
| CVE-2022-0432 | 2022-02-02 | Prototype Pollution in mastodon/mastodon |
| CVE-2021-43522 | 2022-02-02 | An issue was discovered in Insyde InsydeH2O with kernel 5.1... |