CVE List - 2022 / February
Showing 1601 - 1700 of 1942 CVEs for February 2022 (Page 17 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-21654 | 2022-02-22 | Incorrect configuration handling allows TLS session re-use without re-validation in Envoy |
| CVE-2022-21655 | 2022-02-22 | Incorrect handling of internal redirects results in crash in Envoy |
| CVE-2022-25072 | 2022-02-22 | TP-Link Archer A54 Archer A54(US)_V1_210111 routers were discovered to contain... |
| CVE-2022-25073 | 2022-02-22 | TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in... |
| CVE-2022-25074 | 2022-02-22 | TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow... |
| CVE-2022-25075 | 2022-02-22 | TOTOLink A3000RU V5.9c.2280_B20180512 was discovered to contain a command injection... |
| CVE-2022-25076 | 2022-02-22 | TOTOLink A800R V4.1.2cu.5137_B20200730 was discovered to contain a command injection... |
| CVE-2022-25077 | 2022-02-22 | TOTOLink A3100R V4.1.2cu.5050_B20200504 was discovered to contain a command injection... |
| CVE-2022-25078 | 2022-02-22 | TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection... |
| CVE-2022-25079 | 2022-02-22 | TOTOLink A810R V4.1.2cu.5182_B20201026 was discovered to contain a command injection... |
| CVE-2022-25080 | 2022-02-22 | TOTOLink A830R V5.9c.4729_B20191112 was discovered to contain a command injection... |
| CVE-2022-25081 | 2022-02-22 | TOTOLink T10 V5.9c.5061_B20200511 was discovered to contain a command injection... |
| CVE-2022-25082 | 2022-02-22 | TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a... |
| CVE-2022-25083 | 2022-02-22 | TOTOLink A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection... |
| CVE-2022-25084 | 2022-02-22 | TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection... |
| CVE-2022-25414 | 2022-02-22 | Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow... |
| CVE-2022-25417 | 2022-02-22 | Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow... |
| CVE-2022-25418 | 2022-02-22 | Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow... |
| CVE-2021-43825 | 2022-02-22 | Use-after-free in Envoy |
| CVE-2021-43826 | 2022-02-22 | Crash when tunneling TCP over HTTP in Envoy |
| CVE-2022-23612 | 2022-02-22 | Directory Traversal in OpenMRS Startup Filter |
| CVE-2022-0654 | 2022-02-22 | Exposure of Sensitive Information to an Unauthorized Actor in fgribreau/node-request-retry |
| CVE-2022-0726 | 2022-02-23 | Missing Authorization in chocobozzz/peertube |
| CVE-2022-0729 | 2022-02-23 | Use of Out-of-range Pointer Offset in vim/vim |
| CVE-2022-24407 | 2022-02-23 | In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does... |
| CVE-2022-0717 | 2022-02-23 | Out-of-bounds Read in mruby/mruby |
| CVE-2022-25809 | 2022-02-23 | Improper Neutralization of audio output from 3rd and 4th Generation... |
| CVE-2022-0736 | 2022-02-23 | Insecure Temporary File in mlflow/mlflow |
| CVE-2022-0719 | 2022-02-23 | Cross-site Scripting (XSS) - Reflected in microweber/microweber |
| CVE-2022-0721 | 2022-02-23 | Insertion of Sensitive Information Into Debugging Code in microweber/microweber |
| CVE-2022-0724 | 2022-02-23 | Insecure Storage of Sensitive Information in microweber/microweber |
| CVE-2022-24566 | 2022-02-23 | In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed... |
| CVE-2022-0727 | 2022-02-23 | Improper Access Control in chocobozzz/peertube |
| CVE-2022-24620 | 2022-02-23 | Piwigo version 12.2.0 is vulnerable to stored cross-site scripting (XSS),... |
| CVE-2022-0476 | 2022-02-23 | Denial of Service in radareorg/radare2 |
| CVE-2022-20650 | 2022-02-23 | Cisco NX-OS Software NX-API Command Injection Vulnerability |
| CVE-2022-20625 | 2022-02-23 | Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability |
| CVE-2022-20624 | 2022-02-23 | Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability |
| CVE-2022-20623 | 2022-02-23 | Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability |
| CVE-2021-43724 | 2022-02-23 | A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS... |
| CVE-2022-0731 | 2022-02-23 | Improper Access Control (IDOR) in dolibarr/dolibarr |
| CVE-2021-44607 | 2022-02-23 | A Cross Site Scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1... |
| CVE-2021-44608 | 2022-02-23 | Multiple Cross Site Scripting (XSS) vulnerabilities exists in bloofoxCMS 0.5.2.1... |
| CVE-2022-21705 | 2022-02-23 | Authenticated remote code execution in octobercms |
| CVE-2021-44610 | 2022-02-23 | Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1... |
| CVE-2022-22333 | 2022-02-23 | IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM... |
| CVE-2022-22336 | 2022-02-23 | IBM Sterling External Authentication Server and IBM Sterling Secure Proxy... |
| CVE-2021-4070 | 2022-02-23 | Off-by-one Error in v2fly/v2ray-core |
| CVE-2021-44550 | 2022-02-23 | An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via... |
| CVE-2021-45746 | 2022-02-23 | A Directory Traversal vulnerability exists in WeBankPartners wecube-platform 3.2.1 via... |
| CVE-2022-25406 | 2022-02-23 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-25404 | 2022-02-23 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-25402 | 2022-02-23 | An incorrect access control issue in HMS v1.0 allows unauthenticated... |
| CVE-2022-25403 | 2022-02-23 | HMS v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-25401 | 2022-02-23 | The copy function of the file manager in Cuppa CMS... |
| CVE-2022-25104 | 2022-02-23 | HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download... |
| CVE-2022-25101 | 2022-02-23 | A vulnerability in the component /templates/install.php of WBCE CMS v1.5.2... |
| CVE-2022-25098 | 2022-02-23 | ECTouch v2 suffers from arbitrary file deletion due to insufficient... |
| CVE-2022-25099 | 2022-02-23 | A vulnerability in the component /languages/index.php of WBCE CMS v1.5.2... |
| CVE-2022-25405 | 2022-02-23 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-24409 | 2022-02-23 | Dell BSAFE SSL-J contains remediation for a covert timing channel... |
| CVE-2022-23651 | 2022-02-23 | b2-sdk-python TOCTOU application key disclosure |
| CVE-2022-23653 | 2022-02-23 | B2 Command Line Tool TOCTOU application key disclosure |
| CVE-2022-23655 | 2022-02-23 | Missing server signature validation in OctoberCMS |
| CVE-2022-24708 | 2022-02-23 | Stored XSS vulnerability in anuko/timetracker |
| CVE-2022-24707 | 2022-02-23 | SQL injection in anuko timetracker |
| CVE-2021-26252 | 2022-02-24 | A flaw was found in htmldoc in v1.9.12. Heap buffer... |
| CVE-2021-3596 | 2022-02-24 | A NULL pointer dereference flaw was found in ImageMagick in... |
| CVE-2021-3610 | 2022-02-24 | A heap-based buffer overflow vulnerability was found in ImageMagick in... |
| CVE-2022-21824 | 2022-02-24 | Due to the formatting logic of the "console.table()" function it... |
| CVE-2022-25148 | 2022-02-24 | WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_id |
| CVE-2021-35689 | 2022-02-24 | A potential vulnerability in the Oracle Talent Acquisition Cloud -... |
| CVE-2022-23176 | 2022-02-24 | WatchGuard Firebox and XTM appliances allow a remote attacker with... |
| CVE-2022-25638 | 2022-02-24 | In wolfSSL before 5.2.0, certificate validation may be bypassed during... |
| CVE-2022-25640 | 2022-02-24 | In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly... |
| CVE-2019-25058 | 2022-02-24 | An issue was discovered in USBGuard before 1.1.0. On systems... |
| CVE-2022-25838 | 2022-02-24 | Laravel Fortify before 1.11.1 allows reuse within a short time... |
| CVE-2022-25329 | 2022-02-24 | Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential... |
| CVE-2022-25330 | 2022-02-24 | Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8... |
| CVE-2022-25331 | 2022-02-24 | Uncaught exceptions that can be generated in Trend Micro ServerProtection... |
| CVE-2022-24671 | 2022-02-24 | A link following privilege escalation vulnerability in Trend Micro Antivirus... |
| CVE-2022-24678 | 2022-02-24 | An security agent resource exhaustion denial-of-service vulnerability in Trend Micro... |
| CVE-2022-24679 | 2022-02-24 | A security link following local privilege escalation vulnerability in Trend... |
| CVE-2022-24680 | 2022-02-24 | A security link following local privilege escalation vulnerability in Trend... |
| CVE-2021-26092 | 2022-02-24 | Failure to sanitize input in the SSL VPN web portal... |
| CVE-2021-43943 | 2022-02-24 | Affected versions of Atlassian Jira Service Management Server and Data... |
| CVE-2022-25360 | 2022-02-24 | WatchGuard Firebox and XTM appliances allow an authenticated remote attacker... |
| CVE-2022-25292 | 2022-02-24 | A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM... |
| CVE-2022-25293 | 2022-02-24 | A systemd stack-based buffer overflow in WatchGuard Firebox and XTM... |
| CVE-2022-25363 | 2022-02-24 | WatchGuard Firebox and XTM appliances allow an authenticated remote attacker... |
| CVE-2022-25290 | 2022-02-24 | WatchGuard Firebox and XTM appliances allow an authenticated remote attacker... |
| CVE-2022-25291 | 2022-02-24 | An integer overflow in WatchGuard Firebox and XTM appliances allows... |
| CVE-2022-21142 | 2022-02-24 | Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior... |
| CVE-2022-21179 | 2022-02-24 | Cross-site request forgery (CSRF) vulnerability in EC-CUBE plugin 'Mail Magazine... |
| CVE-2022-23810 | 2022-02-24 | Template injection (Improper Neutralization of Special Elements Used in a... |
| CVE-2022-23916 | 2022-02-24 | Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior... |
| CVE-2022-23986 | 2022-02-24 | SQL injection vulnerability in the phpUploader v1.2 and earlier allows... |
| CVE-2022-24374 | 2022-02-24 | Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior... |
| CVE-2022-24435 | 2022-02-24 | Cross-site scripting vulnerability in phpUploader v1.2 and earlier allows a... |
| CVE-2022-25355 | 2022-02-24 | EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly... |