CVE List - 2022 / February
Showing 401 - 500 of 1942 CVEs for February 2022 (Page 5 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-24880 | 2022-02-07 | SupportCandy < 2.2.7 - Contributor+ Stored Cross-Site Scripting |
| CVE-2021-24928 | 2022-02-07 | Rearrange Woocommerce Products < 3.0.8 - Subscriber+ SQL Injection |
| CVE-2021-24947 | 2022-02-07 | RVM - Responsive Vector Maps < 6.4.2 - Subscriber+ Arbitrary File Read |
| CVE-2021-24993 | 2022-02-07 | Ultimate Product Catalog < 5.0.26 - Subscriber+ Arbitrary Product Creation & Settings Update |
| CVE-2021-25004 | 2022-02-07 | SEUR Oficial < 1.7.2 - Admin+ Arbitrary File Download |
| CVE-2021-25029 | 2022-02-07 | Cluevo < 1.8.1 - Admin+ Stored Cross Site Scripting |
| CVE-2021-25077 | 2022-02-07 | Store Toolkit for WooCommerce < 2.3.2 - Reflected Cross-Site Scripting |
| CVE-2021-25084 | 2022-02-07 | Advanced Cron Manager - Subscriber+ Arbitrary Events/Schedules Creation/Deletion |
| CVE-2021-25096 | 2022-02-07 | IP2Location Country Blocker < 2.26.5 - Ban Bypass |
| CVE-2021-25103 | 2022-02-07 | GTranslate < 2.9.7 - Reflected Cross-Site Scripting |
| CVE-2021-25105 | 2022-02-07 | Ivory Search < 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting |
| CVE-2021-25106 | 2022-02-07 | WPLegalPages < 2.7.1 - Subscriber+ Arbitrary Settings Update to Stored XSS |
| CVE-2021-25108 | 2022-02-07 | IP2Location Country Blocker < 2.26.6 - Arbitrary Country Ban via CSRF |
| CVE-2021-25114 | 2022-02-07 | Paid Memberships Pro < 2.6.7 - Unauthenticated Blind SQL Injection |
| CVE-2022-0148 | 2022-02-07 | All-in-one Floating Contact Form < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2022-0149 | 2022-02-07 | WooCommerce – Store Exporter < 2.7.1 - Reflected Cross-Site Scripting (XSS) |
| CVE-2022-23261 | 2022-02-07 | Microsoft Edge (Chromium-based) Tampering Vulnerability |
| CVE-2022-23262 | 2022-02-07 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2022-23263 | 2022-02-07 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2022-22931 | 2022-02-07 | Path traversal in Apache James 3.6.1 |
| CVE-2021-42833 | 2022-02-07 | Use of hardcoded credentials impacting AquaView versions 1.60, 7.x, 8.x |
| CVE-2022-21815 | 2022-02-07 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2022-21816 | 2022-02-07 | NVIDIA vGPU software contains a vulnerability in the Virtual GPU... |
| CVE-2021-45281 | 2022-02-07 | QuickBox Pro v2.4.8 contains a cross-site scripting (XSS) vulnerability at... |
| CVE-2022-23613 | 2022-02-07 | Privilege escalation on xrdp |
| CVE-2021-3835 | 2022-02-07 | Buffer overflow in usb device class |
| CVE-2021-3861 | 2022-02-07 | The RNDIS USB device class includes a buffer overflow vulnerability |
| CVE-2022-23624 | 2022-02-07 | Validation bypass in frourio-express |
| CVE-2022-23623 | 2022-02-07 | Validation bypass in frourio |
| CVE-2022-0523 | 2022-02-08 | Use After Free in radareorg/radare2 |
| CVE-2022-24450 | 2022-02-08 | NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated... |
| CVE-2022-0506 | 2022-02-08 | Cross-site Scripting (XSS) - Stored in microweber/microweber |
| CVE-2022-0505 | 2022-02-08 | Cross-Site Request Forgery (CSRF) in microweber/microweber |
| CVE-2022-0504 | 2022-02-08 | Generation of Error Message Containing Sensitive Information in microweber/microweber |
| CVE-2021-20877 | 2022-02-08 | Cross-site scripting vulnerability in Canon laser printers and small office... |
| CVE-2022-21173 | 2022-02-08 | Hidden functionality vulnerability in ELECOM LAN routers (WRH-300BK3 firmware v1.05... |
| CVE-2022-21193 | 2022-02-08 | Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a... |
| CVE-2022-21241 | 2022-02-08 | Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a... |
| CVE-2022-21799 | 2022-02-08 | Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13... |
| CVE-2022-21805 | 2022-02-08 | Reflected cross-site scripting vulnerability in the attached file name of... |
| CVE-2022-22142 | 2022-02-08 | Reflected cross-site scripting vulnerability in the checkbox of php_mailform versions... |
| CVE-2022-22146 | 2022-02-08 | Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a... |
| CVE-2022-0508 | 2022-02-08 | Server-Side Request Forgery (SSRF) in chocobozzz/peertube |
| CVE-2022-0509 | 2022-02-08 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2022-23331 | 2022-02-08 | In DataEase v1.6.1, an authenticated user can gain unauthorized access... |
| CVE-2022-23340 | 2022-02-08 | Joplin 2.6.10 allows remote attackers to execute system commands through... |
| CVE-2021-44957 | 2022-02-08 | Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It... |
| CVE-2021-44956 | 2022-02-08 | Two Heap based buffer overflow vulnerabilities exist in ffjpeg through... |
| CVE-2022-0510 | 2022-02-08 | Cross-site Scripting (XSS) - Reflected in pimcore/pimcore |
| CVE-2021-44864 | 2022-02-08 | TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to... |
| CVE-2021-45325 | 2022-02-08 | Server Side Request Forgery (SSRF) vulneraility exists in Gitea before... |
| CVE-2021-45326 | 2022-02-08 | Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before... |
| CVE-2021-45327 | 2022-02-08 | Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods... |
| CVE-2021-45328 | 2022-02-08 | Gitea before 1.4.3 is affected by URL Redirection to Untrusted... |
| CVE-2022-0139 | 2022-02-08 | Use After Free in radareorg/radare2 |
| CVE-2022-21702 | 2022-02-08 | Cross site scripting in Grafana proxy |
| CVE-2022-0518 | 2022-02-08 | Heap-based Buffer Overflow in radareorg/radare2 |
| CVE-2022-0519 | 2022-02-08 | Buffer Access with Incorrect Length Value in radareorg/radare2 |
| CVE-2022-21703 | 2022-02-08 | Cross Site Request Forgery in Grafana |
| CVE-2022-0520 | 2022-02-08 | Use After Free in radareorg/radare2 |
| CVE-2022-0521 | 2022-02-08 | Access of Memory Location After End of Buffer in radareorg/radare2 |
| CVE-2022-21713 | 2022-02-08 | Exposure of Sensitive Information in Grafana |
| CVE-2022-0522 | 2022-02-08 | Access of Memory Location Before Start of Buffer in radareorg/radare2 |
| CVE-2022-23626 | 2022-02-08 | Insufficient file checks in m1k1o/blog |
| CVE-2022-0524 | 2022-02-08 | Business Logic Errors in publify/publify |
| CVE-2021-45329 | 2022-02-08 | Cross Site Scripting (XSS) vulnerability exists in Gitea before 1.5.1... |
| CVE-2021-45919 | 2022-02-08 | Studio 42 elFinder through 2.1.31 allows XSS via an SVG... |
| CVE-2022-23627 | 2022-02-08 | Inadequate access verification when using proxy commands in ArchiSteamFarm |
| CVE-2022-24677 | 2022-02-08 | Admin.php in HYBBS2 through 2.3.2 allows remote code execution because... |
| CVE-2022-24676 | 2022-02-08 | update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file... |
| CVE-2021-46360 | 2022-02-09 | Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier... |
| CVE-2022-0391 | 2022-02-09 | A flaw was found in Python, specifically within the urllib.parse... |
| CVE-2022-22807 | 2022-02-09 | A CWE-1021 Improper Restriction of Rendered UI Layers or Frames... |
| CVE-2022-22808 | 2022-02-09 | A CWE-352: Cross-Site Request Forgery (CSRF) exists that could cause... |
| CVE-2022-22809 | 2022-02-09 | A CWE-306: Missing Authentication for Critical Function vulnerability exists that... |
| CVE-2022-24682 | 2022-02-09 | An issue was discovered in the Calendar feature in Zimbra... |
| CVE-2022-0525 | 2022-02-09 | Out-of-bounds Read in mruby/mruby |
| CVE-2022-0526 | 2022-02-09 | Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot |
| CVE-2022-0527 | 2022-02-09 | Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot |
| CVE-2022-24694 | 2022-02-09 | In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10... |
| CVE-2021-37852 | 2022-02-09 | LPE in ESET products for Windows |
| CVE-2022-0536 | 2022-02-09 | Improper Removal of Sensitive Information Before Storage or Transfer in follow-redirects/follow-redirects |
| CVE-2021-40837 | 2022-02-09 | Denial-of-Service (DoS) Vulnerability |
| CVE-2021-25939 | 2022-02-09 | ArangoDB - Blind SSRF when Downloading Foxx Service from URL |
| CVE-2022-23378 | 2022-02-09 | A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version... |
| CVE-2021-46354 | 2022-02-09 | Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0... |
| CVE-2022-0538 | 2022-02-09 | Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom... |
| CVE-2022-0539 | 2022-02-09 | Cross-site Scripting (XSS) - Stored in ptrofimov/beanstalk_console |
| CVE-2021-3813 | 2022-02-09 | Improper Privilege Management in chatwoot/chatwoot |
| CVE-2021-37185 | 2022-02-09 | A vulnerability has been identified in SIMATIC Drive Controller family... |
| CVE-2021-37194 | 2022-02-09 | A vulnerability has been identified in COMOS V10.2 (All versions... |
| CVE-2021-37204 | 2022-02-09 | A vulnerability has been identified in SIMATIC Drive Controller family... |
| CVE-2021-37205 | 2022-02-09 | A vulnerability has been identified in SIMATIC Drive Controller family... |
| CVE-2021-40360 | 2022-02-09 | A vulnerability has been identified in SIMATIC PCS 7 V8.2... |
| CVE-2021-40363 | 2022-02-09 | A vulnerability has been identified in SIMATIC PCS 7 V8.2... |
| CVE-2021-44000 | 2022-02-09 | A vulnerability has been identified in JT2Go (All versions <... |
| CVE-2021-44016 | 2022-02-09 | A vulnerability has been identified in JT2Go (All versions <... |
| CVE-2021-44018 | 2022-02-09 | A vulnerability has been identified in JT2Go (All versions <... |
| CVE-2021-45106 | 2022-02-09 | A vulnerability has been identified in SICAM TOOLBOX II (All... |
| CVE-2021-46151 | 2022-02-09 | A vulnerability has been identified in Simcenter Femap V2020.2 (All... |