CVE List - 2022 / February
Showing 1801 - 1900 of 1942 CVEs for February 2022 (Page 19 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-23921 | 2022-02-25 | ICSA-22-053-01 GE Proficy CIMPLICITY-IPM |
| CVE-2022-21798 | 2022-02-25 | ICSA-22-053-02 GE Proficy CIMPLICITY-Cleartext |
| CVE-2021-26617 | 2022-02-25 | Gabia Firstmall remote code execution vulnerability |
| CVE-2021-22441 | 2022-02-25 | Some Huawei products have an integer overflow vulnerability. Successful exploitation... |
| CVE-2021-22478 | 2022-02-25 | The interface of a certain HarmonyOS module has a UAF... |
| CVE-2021-22479 | 2022-02-25 | The interface of a certain HarmonyOS module has an invalid... |
| CVE-2021-22437 | 2022-02-25 | There is a software integer overflow leading to a TOCTOU... |
| CVE-2021-22480 | 2022-02-25 | The interface of a certain HarmonyOS module has an integer... |
| CVE-2021-22448 | 2022-02-25 | There is an improper verification vulnerability in smartphones. Successful exploitation... |
| CVE-2021-22489 | 2022-02-25 | There is a DoS vulnerability in smartphones. Successful exploitation of... |
| CVE-2021-37027 | 2022-02-25 | There is a DoS vulnerability in smartphones. Successful exploitation of... |
| CVE-2021-22319 | 2022-02-25 | There is an improper verification vulnerability in smartphones. Successful exploitation... |
| CVE-2021-22394 | 2022-02-25 | There is a buffer overflow vulnerability in smartphones. Successful exploitation... |
| CVE-2021-22395 | 2022-02-25 | There is a code injection vulnerability in smartphones. Successful exploitation... |
| CVE-2021-22434 | 2022-02-25 | There is a memory address out of bounds vulnerability in... |
| CVE-2021-22433 | 2022-02-25 | There is a memory address out of bounds in smartphones.... |
| CVE-2021-22431 | 2022-02-25 | There is a vulnerability when configuring permission isolation in smartphones.... |
| CVE-2021-22426 | 2022-02-25 | There is a memory address out of bounds in smartphones.... |
| CVE-2021-22430 | 2022-02-25 | There is a logic bypass vulnerability in smartphones. Successful exploitation... |
| CVE-2021-22432 | 2022-02-25 | There is a vulnerability when configuring permission isolation in smartphones.... |
| CVE-2021-22429 | 2022-02-25 | There is a memory address out of bounds in smartphones.... |
| CVE-2021-37103 | 2022-02-25 | There is an improper permission management vulnerability in the Wallet... |
| CVE-2021-40043 | 2022-02-25 | The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier... |
| CVE-2021-40046 | 2022-02-25 | PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit... |
| CVE-2021-37504 | 2022-02-25 | A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of... |
| CVE-2021-42244 | 2022-02-25 | A cross-site scripting (XSS) vulnerability in PaquitoSoftware Notimoo v1.2 allows... |
| CVE-2021-44132 | 2022-02-25 | A command injection vulnerability in the function formImportOMCIShell of C-DATA... |
| CVE-2022-25060 | 2022-02-25 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability... |
| CVE-2022-25062 | 2022-02-25 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via... |
| CVE-2022-25064 | 2022-02-25 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution... |
| CVE-2022-25061 | 2022-02-25 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability... |
| CVE-2021-42952 | 2022-02-25 | Zepl Notebooks before 2021-10-25 are affected by a sandbox escape... |
| CVE-2022-25264 | 2022-02-25 | In JetBrains TeamCity before 2021.2.3, environment variables of the "password"... |
| CVE-2022-25263 | 2022-02-25 | JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection... |
| CVE-2022-25262 | 2022-02-25 | In JetBrains Hub before 2022.1.14434, SAML request takeover was possible. |
| CVE-2022-25261 | 2022-02-25 | JetBrains TeamCity before 2021.2.2 was vulnerable to reflected XSS. |
| CVE-2021-23495 | 2022-02-25 | Open Redirect |
| CVE-2022-25260 | 2022-02-25 | JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request... |
| CVE-2022-25259 | 2022-02-25 | JetBrains Hub before 2021.1.14276 was vulnerable to reflected XSS. |
| CVE-2022-24442 | 2022-02-25 | JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template... |
| CVE-2022-24710 | 2022-02-25 | Cross-site Scripting in Weblate |
| CVE-2022-25094 | 2022-02-25 | Home Owners Collection Management System v1.0 was discovered to contain... |
| CVE-2022-25095 | 2022-02-25 | Home Owners Collection Management System v1.0 allows unauthenticated attackers to... |
| CVE-2022-25096 | 2022-02-25 | Home Owners Collection Management System v1.0 was discovered to contain... |
| CVE-2022-21706 | 2022-02-25 | Multi-use invitations can grant access to other organizations in Zulip |
| CVE-2022-26149 | 2022-02-26 | MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute... |
| CVE-2022-23308 | 2022-02-26 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID... |
| CVE-2021-46702 | 2022-02-26 | Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable... |
| CVE-2020-36516 | 2022-02-26 | An issue was discovered in the Linux kernel through 5.16.11.... |
| CVE-2022-24986 | 2022-02-26 | KDE KCron through 21.12.2 uses a temporary file in /tmp... |
| CVE-2022-25359 | 2022-02-26 | On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07... |
| CVE-2022-0762 | 2022-02-26 | Incorrect Authorization in microweber/microweber |
| CVE-2022-0763 | 2022-02-26 | Cross-site Scripting (XSS) - Stored in microweber/microweber |
| CVE-2022-0723 | 2022-02-26 | Cross-site Scripting (XSS) - Reflected in microweber/microweber |
| CVE-2022-0764 | 2022-02-26 | Arbitrary Command Injection in strapi/strapi |
| CVE-2020-27958 | 2022-02-26 | The Job Composer app in Ohio Supercomputer Center Open OnDemand... |
| CVE-2022-26146 | 2022-02-26 | Tricentis qTest before 10.4 allows stored XSS by an authenticated... |
| CVE-2022-22908 | 2022-02-26 | SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they... |
| CVE-2021-3967 | 2022-02-26 | Improper Access Control in zulip/zulip |
| CVE-2021-21708 | 2022-02-27 | UAF due to php_filter_float() failing |
| CVE-2022-0772 | 2022-02-27 | Cross-site Scripting (XSS) - Stored in librenms/librenms |
| CVE-2021-43945 | 2022-02-28 | Affected versions of Atlassian Jira Server and Data Center allow... |
| CVE-2022-26159 | 2022-02-28 | The auto-completion plugin in Ametys CMS before 4.5.0 allows a... |
| CVE-2020-36510 | 2022-02-28 | 15Zine < 3.3.0 - Reflected Cross-Site Scripting |
| CVE-2021-24688 | 2022-02-28 | Orange Form <= 1.0.1 - Unauthenticated Arbitrary Post Deletion |
| CVE-2021-24689 | 2022-02-28 | Contact Forms - Drag & Drop Contact Form Builder <= 1.0.5 - Admin+ Arbitrary System File Read |
| CVE-2021-24704 | 2022-02-28 | Orange Form <= 1.0 - SQL Injection via CSRF |
| CVE-2021-24730 | 2022-02-28 | Logo Showcase with Slick Slider < 1.2.5 - Subscriber+ Arbitrary Media Title/Description/Alt Text/URL Update |
| CVE-2021-24803 | 2022-02-28 | Core Tweaks WP Setup <= 4.1 - Arbitrary Admin Account Creation / Admin Email Update via CSRF |
| CVE-2021-24820 | 2022-02-28 | Cost Calculator <= 1.6 - Authenticated Local File Inclusion |
| CVE-2021-24823 | 2022-02-28 | Support Board < 3.3.6 - Arbitrary File Deletion via CSRF |
| CVE-2021-24864 | 2022-02-28 | WP Cloudy < 4.4.9 - Admin+ SQL Injection |
| CVE-2021-24898 | 2022-02-28 | EditableTable <= 0.1.4 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24901 | 2022-02-28 | Security Audit <= 1.0.0 - Admin+ Stored Cross Site Scripting |
| CVE-2021-24903 | 2022-02-28 | GRAND FlaGallery <= 6.1.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24913 | 2022-02-28 | Logo Showcase with Slick Slider < 2.0.1 - Arbitrary Media Title/Description/Alt Text/URL Update via CSRF |
| CVE-2021-24920 | 2022-02-28 | StatCounter < 2.0.7 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24933 | 2022-02-28 | Dynamic Widgets <= 1.5.16 - Reflected Cross-Site Scripting |
| CVE-2021-24971 | 2022-02-28 | WP Responsive Menu < 3.1.7.1 - Subscriber+ Settings Update to Stored XSS |
| CVE-2021-24977 | 2022-02-28 | Use Any Font < 6.2.1 - Unauthenticated Arbitrary CSS Appending |
| CVE-2021-24994 | 2022-02-28 | WPvivid Backup and Migration Plugin < 0.9.69 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2021-25010 | 2022-02-28 | Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting |
| CVE-2021-25011 | 2022-02-28 | WP Google Map < 1.8.1 - Subscriber+ Arbitrary Post Deletion and Plugin's Settings Update |
| CVE-2021-25034 | 2022-02-28 | WP User < 7.0 - Reflected Cross-Site Scripting |
| CVE-2021-25042 | 2022-02-28 | WP Visitor Statistics (Real Time Traffic) < 5.5 - Arbitrary IP Address Exclusion to Stored XSS |
| CVE-2021-25081 | 2022-02-28 | WP Google Map < 1.8.4 - Arbitrary Post Deletion and Plugin's Settings Update via CSRF |
| CVE-2021-25112 | 2022-02-28 | WHMCS Bridge < 6.4b - Reflected Cross-Site Scripting (XSS) |
| CVE-2021-25118 | 2022-02-28 | Yoast SEO 16.7-17.2 - Unauthenticated Full Path Disclosure |
| CVE-2021-4222 | 2022-02-28 | WP Paginate < 2.1.4 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0150 | 2022-02-28 | WP Accessibility Helper (WAH) < 0.6.0.7 - Reflected Cross-Site Scripting (XSS) |
| CVE-2022-0189 | 2022-02-28 | WP RSS Aggregator < 4.20 - Reflected Cross-Site Scripting (XSS) |
| CVE-2022-0328 | 2022-02-28 | Simple Membership < 4.0.9 - Arbitrary Member Deletion via CSRF |
| CVE-2022-0345 | 2022-02-28 | Better Notifications for WP < 1.8.7 - Email Address Disclosure |
| CVE-2022-0360 | 2022-02-28 | WP Ultimate CSV Importer < 6.4.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0377 | 2022-02-28 | LearnPress < 4.1.5 - Arbitrary Image Renaming |
| CVE-2022-0383 | 2022-02-28 | WP Review Slider < 11.0 - Admin+ SQL Injection |
| CVE-2022-0385 | 2022-02-28 | Crazy Bone <= 0.6.0 - Unauthenticated Stored XSS |
| CVE-2022-0411 | 2022-02-28 | Asgaros Forum < 2.0.0 - Subscriber+ Blind SQL Injection |
| CVE-2022-0412 | 2022-02-28 | TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection |
| CVE-2022-23911 | 2022-02-28 | AP Custom Testimonial < 1.4.8 - Admin+ SQL Injection |