VULNMAP - Security Vulnerabilities

CVE List - 2022 / March

Showing 901 - 1000 of 2065 CVEs for March 2022 (Page 10 of 21)

CVE ID Date Title
CVE-2022-0964 2022-03-15 Stored XSS viva .webmv file upload in star7th/showdoc
CVE-2022-26779 2022-03-15 Apache Cloudstack insecure random number generation affects project email invitation
CVE-2022-0968 2022-03-15 The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in microweber/microweber
CVE-2022-0970 2022-03-15 Cross-site Scripting (XSS) - Stored in getgrav/grav
CVE-2022-27195 2022-03-15 Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables...
CVE-2022-27196 2022-03-15 Jenkins Favorite Plugin 2.4.0 and earlier does not escape the...
CVE-2022-27197 2022-03-15 Jenkins Dashboard View Plugin 2.18 and earlier does not perform...
CVE-2022-27198 2022-03-15 A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS...
CVE-2022-27199 2022-03-15 A missing permission check in Jenkins CloudBees AWS Credentials Plugin...
CVE-2022-27200 2022-03-15 Jenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not...
CVE-2022-27201 2022-03-15 Jenkins Semantic Versioning Plugin 1.13 and earlier does not restrict...
CVE-2022-27202 2022-03-15 Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not...
CVE-2022-27203 2022-03-15 Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers...
CVE-2022-27204 2022-03-15 A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter...
CVE-2022-27205 2022-03-15 A missing permission check in Jenkins Extended Choice Parameter Plugin...
CVE-2022-27206 2022-03-15 Jenkins GitLab Authentication Plugin 1.13 and earlier stores the GitLab...
CVE-2022-27207 2022-03-15 Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple...
CVE-2022-27208 2022-03-15 Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users...
CVE-2022-27209 2022-03-15 A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin...
CVE-2022-27210 2022-03-15 A cross-site request forgery (CSRF) vulnerability in Jenkins Kubernetes Continuous...
CVE-2022-27211 2022-03-15 A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin...
CVE-2022-27212 2022-03-15 Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does...
CVE-2022-27213 2022-03-15 Jenkins Environment Dashboard Plugin 1.1.10 and earlier does not escape...
CVE-2022-27214 2022-03-15 A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper...
CVE-2022-27215 2022-03-15 A missing permission check in Jenkins Release Helper Plugin 1.3.3...
CVE-2022-27216 2022-03-15 Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords...
CVE-2022-27217 2022-03-15 Jenkins Vmware vRealize CodeStream Plugin 1.2 and earlier stores passwords...
CVE-2022-27218 2022-03-15 Jenkins incapptic connect uploader Plugin 1.15 and earlier stores tokens...
CVE-2020-4989 2022-03-15 IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM...
CVE-2022-22771 2022-03-15 TIBCO JasperReports Library Directory Traversal Vulnerability
CVE-2022-0778 2022-03-15 Infinite loop in BN_mod_sqrt() reachable when parsing certificates
CVE-2022-25498 2022-03-15 CuppaCMS v1.0 was discovered to contain a remote code execution...
CVE-2022-25497 2022-03-15 CuppaCMS v1.0 was discovered to contain an arbitrary file read...
CVE-2022-25495 2022-03-15 The component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload...
CVE-2022-25494 2022-03-15 Online Banking System v1.0 was discovered to contain a SQL...
CVE-2022-25493 2022-03-15 HMS v1.0 was discovered to contain a reflected cross-site scripting...
CVE-2022-25492 2022-03-15 HMS v1.0 was discovered to contain a SQL injection vulnerability...
CVE-2022-25491 2022-03-15 HMS v1.0 was discovered to contain a SQL injection vulnerability...
CVE-2022-25490 2022-03-15 HMS v1.0 was discovered to contain a SQL injection vulnerability...
CVE-2022-25489 2022-03-15 Atom CMS v2.0 was discovered to contain a reflected cross-site...
CVE-2022-25488 2022-03-15 Atom CMS v2.0 was discovered to contain a SQL injection...
CVE-2022-25487 2022-03-15 Atom CMS v2.0 was discovered to contain a remote code...
CVE-2022-25486 2022-03-15 CuppaCMS v1.0 was discovered to contain a local file inclusion...
CVE-2022-25485 2022-03-15 CuppaCMS v1.0 was discovered to contain a local file inclusion...
CVE-2022-23989 2022-03-15 In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x...
CVE-2021-29134 2022-03-15 The avatar middleware in Gitea before 1.13.6 allows Directory Traversal...
CVE-2022-26206 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26207 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26208 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26209 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26210 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26211 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26212 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26213 2022-03-15 Totolink X5000R_Firmware v9.1.0u.6118_B20201102 was discovered to contain a command injection...
CVE-2022-26214 2022-03-15 Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU...
CVE-2022-26990 2022-03-15 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...
CVE-2022-26991 2022-03-15 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...
CVE-2022-26992 2022-03-15 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...
CVE-2022-26993 2022-03-15 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...
CVE-2022-26994 2022-03-15 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...
CVE-2022-26995 2022-03-15 Arris TR3300 v1.0.13 was discovered to contain a command injection...
CVE-2022-26996 2022-03-15 Arris TR3300 v1.0.13 was discovered to contain a command injection...
CVE-2022-26997 2022-03-15 Arris TR3300 v1.0.13 was discovered to contain a command injection...
CVE-2022-26998 2022-03-15 Arris TR3300 v1.0.13 was discovered to contain a command injection...
CVE-2022-26999 2022-03-15 Arris TR3300 v1.0.13 was discovered to contain a command injection...
CVE-2022-27000 2022-03-15 Arris TR3300 v1.0.13 was discovered to contain a command injection...
CVE-2022-27001 2022-03-15 Arris TR3300 v1.0.13 were discovered to contain a command injection...
CVE-2022-27002 2022-03-15 Arris TR3300 v1.0.13 were discovered to contain a command injection...
CVE-2022-27003 2022-03-15 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered...
CVE-2022-27005 2022-03-15 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered...
CVE-2022-27004 2022-03-15 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered...
CVE-2020-36519 2022-03-15 Mimecast Email Security before 2020-01-10 allows any admin to spoof...
CVE-2022-27223 2022-03-15 In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint...
CVE-2020-25721 2022-03-16 Kerberos acceptors need easy access to stable AD identifiers (eg...
CVE-2021-20299 2022-03-16 A flaw was found in OpenEXR's Multipart input file functionality....
CVE-2022-24728 2022-03-16 Cross-site Scripting in CKEditor4
CVE-2022-24729 2022-03-16 Regular expression Denial of Service in dialog plugin
CVE-2022-27225 2022-03-16 Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in...
CVE-2021-43955 2022-03-16 The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9...
CVE-2021-43956 2022-03-16 The jQuery deserialize library in Fisheye and Crucible before version...
CVE-2021-43957 2022-03-16 Affected versions of Atlassian Fisheye & Crucible allowed remote attackers...
CVE-2021-43958 2022-03-16 Various rest resources in Fisheye and Crucible before version 4.8.9...
CVE-2022-0911 2022-03-16 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
CVE-2022-0704 2022-03-16 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
CVE-2021-45852 2022-03-16 An issue was discovered in Projectworlds Hospital Management System v1.0....
CVE-2021-46705 2022-03-16 grub2-once uses fixed file name in /var/tmp
CVE-2021-45851 2022-03-16 A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can...
CVE-2022-21945 2022-03-16 cscreen: usage of fixed path /tmp/cscreen.debug
CVE-2022-21946 2022-03-16 suddoers configuration for cscreen not restrictive enough
CVE-2022-0705 2022-03-16 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
CVE-2021-45786 2022-03-16 In maccms v10, an attacker can log in through /index.php/user/login...
CVE-2021-45787 2022-03-16 There is a stored Cross Site Scripting (XSS) vulnerability in...
CVE-2022-0986 2022-03-16 Reflected Cross-site Scripting (XSS) Vulnerability in hestiacp/hestiacp
CVE-2021-42552 2022-03-16 Reflected XSS in Archivista
CVE-2022-24751 2022-03-16 Race condition in Zulip
CVE-2022-26353 2022-03-16 A flaw was found in the virtio-net device of QEMU....
CVE-2022-26354 2022-03-16 A flaw was found in the vhost-vsock device of QEMU....
CVE-2021-40778 2022-03-16 Adobe Media Encoder Null Pointer Dereference Application denial-of-service
CVE-2021-40777 2022-03-16 Adobe Media Encoder WAV file memory corruption vulnerability could lead to arbitrary code execution
CVE-2021-40782 2022-03-16 Adobe Media Encoder Null Pointer Dereference Application denial-of-service