CVE List - 2022 / March
Showing 1501 - 1600 of 2065 CVEs for March 2022 (Page 16 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-27475 | 2022-03-23 | Rockwell Automation Connected Components Workbench Deserialization of Untrusted Data |
| CVE-2021-3748 | 2022-03-23 | A use-after-free vulnerability was found in the virtio-net device of... |
| CVE-2022-0981 | 2022-03-23 | A flaw was found in Quarkus. The state and potentially... |
| CVE-2021-4197 | 2022-03-23 | An unprivileged write to the file handler flaw in the... |
| CVE-2021-4148 | 2022-03-23 | A vulnerability was found in the Linux kernel's block_invalidatepage in... |
| CVE-2021-4149 | 2022-03-23 | A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the... |
| CVE-2021-4150 | 2022-03-23 | A use-after-free flaw was found in the add_partition in block/partitions/core.c... |
| CVE-2022-22951 | 2022-03-23 | VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x... |
| CVE-2022-22952 | 2022-03-23 | VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x... |
| CVE-2022-0834 | 2022-03-23 | The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due... |
| CVE-2022-0889 | 2022-03-23 | The Ninja Forms - File Uploads Extension WordPress plugin is... |
| CVE-2022-0750 | 2022-03-23 | The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross-Site... |
| CVE-2022-0888 | 2022-03-23 | The Ninja Forms - File Uploads Extension WordPress plugin is... |
| CVE-2022-23880 | 2022-03-23 | An arbitrary file upload vulnerability in the File Management function... |
| CVE-2022-23881 | 2022-03-23 | ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command... |
| CVE-2022-24757 | 2022-03-23 | Sensitive Auth & Cookie data stored in Jupyter server logs |
| CVE-2022-24730 | 2022-03-23 | Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server |
| CVE-2022-24731 | 2022-03-23 | Path traversal allows leaking out-of-bound files from Argo CD repo-server |
| CVE-2022-27254 | 2022-03-23 | The remote keyless system on Honda Civic 2018 vehicles sends... |
| CVE-2022-22819 | 2022-03-23 | NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM... |
| CVE-2022-24934 | 2022-03-23 | wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code... |
| CVE-2022-24768 | 2022-03-23 | Improper access control allows admin privilege escalation in Argo CD |
| CVE-2022-27192 | 2022-03-23 | The Reporting module in Aseco Lietuva document management system DVS... |
| CVE-2022-25041 | 2022-03-23 | OpenEMR v6.0.0 was discovered to contain an incorrect access control... |
| CVE-2020-20093 | 2022-03-23 | The Facebook Messenger app for iOS 227.0 and prior and... |
| CVE-2020-20094 | 2022-03-23 | Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior... |
| CVE-2020-20095 | 2022-03-23 | iMessage (Messages app) iOS 12.4 and prior user interface does... |
| CVE-2020-20096 | 2022-03-23 | Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior... |
| CVE-2022-25267 | 2022-03-23 | Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal (to... |
| CVE-2022-25268 | 2022-03-23 | Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups,... |
| CVE-2022-25269 | 2022-03-23 | Passwork On-Premise Edition before 4.6.13 has multiple XSS issues. |
| CVE-2022-25266 | 2022-03-23 | Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal (to... |
| CVE-2021-31326 | 2022-03-23 | D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily... |
| CVE-2022-26289 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-26290 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-26536 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27076 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27077 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27078 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27079 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27080 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27081 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27082 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2022-27083 | 2022-03-23 | Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command... |
| CVE-2021-43666 | 2022-03-24 | A Denial of Service vulnerability exists in mbed TLS 3.0.0... |
| CVE-2022-24769 | 2022-03-24 | Default inheritable capabilities for linux container should be empty |
| CVE-2022-27811 | 2022-03-24 | GNOME OCRFeeder before 0.8.4 allows OS command injection via shell... |
| CVE-2022-27820 | 2022-03-24 | OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify... |
| CVE-2022-0315 | 2022-03-24 | Insecure Temporary File in horovod/horovod |
| CVE-2022-1061 | 2022-03-24 | Heap Buffer Overflow in parseDragons in radareorg/radare2 |
| CVE-2022-0145 | 2022-03-24 | Cross-site Scripting (XSS) - Stored in forkcms/forkcms |
| CVE-2021-43700 | 2022-03-24 | An issue was discovered in ApiManager 1.1. there is sql... |
| CVE-2022-1052 | 2022-03-24 | Heap Buffer Overflow in iterate_chained_fixups in radareorg/radare2 |
| CVE-2021-43659 | 2022-03-24 | In halo 1.4.14, the function point of uploading the avatar,... |
| CVE-2022-1058 | 2022-03-24 | Open Redirect on login in go-gitea/gitea |
| CVE-2022-0550 | 2022-03-24 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 |
| CVE-2022-0551 | 2022-03-24 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 |
| CVE-2021-39491 | 2022-03-24 | A Cross Site Scripting (XSS) vulnerability exists in Yogesh Ojha... |
| CVE-2022-0955 | 2022-03-24 | Cross-site Scripting (XSS) - Stored in pimcore/data-hub |
| CVE-2022-26629 | 2022-03-24 | An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in... |
| CVE-2022-25568 | 2022-03-24 | MotionEye v0.42.1 and below allows attackers to access sensitive information... |
| CVE-2022-21820 | 2022-03-24 | NVIDIA DCGM contains a vulnerability in nvhostengine, where a network... |
| CVE-2022-0153 | 2022-03-24 | SQL Injection in forkcms/forkcms |
| CVE-2021-43084 | 2022-03-24 | An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via... |
| CVE-2022-22374 | 2022-03-24 | The BMC (IBM Power 9 AC922 OP910, OP920, OP930, and... |
| CVE-2022-24776 | 2022-03-24 | Open Redirect in Flask-AppBuilder |
| CVE-2022-25571 | 2022-03-24 | Bluedon Information Security Technologies Co.,Ltd Internet Access Detector v1.0 was... |
| CVE-2022-24781 | 2022-03-24 | Malicious users can take over the session of other players |
| CVE-2022-24782 | 2022-03-24 | Secure category names leaked via user activity export in Discourse |
| CVE-2022-26249 | 2022-03-24 | Survey King v0.3.0 does not filter data properly when exporting... |
| CVE-2022-26301 | 2022-03-24 | TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-25575 | 2022-03-24 | Multiple cross-site scripting (XSS) vulnerabilities in Parking Management System v1.0... |
| CVE-2022-26272 | 2022-03-24 | A remote code execution (RCE) vulnerability in Ionize v1.0.8.1 allows... |
| CVE-2022-26279 | 2022-03-24 | EyouCMS v1.5.5 was discovered to have no access control in... |
| CVE-2022-25576 | 2022-03-24 | Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request... |
| CVE-2021-3933 | 2022-03-25 | An integer overflow could occur when OpenEXR processes a crafted... |
| CVE-2021-3941 | 2022-03-25 | In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such... |
| CVE-2021-4147 | 2022-03-25 | A flaw was found in the libvirt libxl driver. A... |
| CVE-2021-4203 | 2022-03-25 | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c... |
| CVE-2022-0330 | 2022-03-25 | A random memory access flaw was found in the Linux... |
| CVE-2022-0435 | 2022-03-25 | A stack overflow flaw was found in the Linux kernel's... |
| CVE-2022-0897 | 2022-03-25 | A flaw was found in the libvirt nwfilter driver. The... |
| CVE-2022-22995 | 2022-03-25 | Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk |
| CVE-2018-25032 | 2022-03-25 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when... |
| CVE-2022-22688 | 2022-03-25 | Improper neutralization of special elements used in a command ('Command... |
| CVE-2022-22687 | 2022-03-25 | Buffer copy without checking size of input ('Classic Buffer Overflow')... |
| CVE-2021-44751 | 2022-03-25 | F-Secure SAFE Browser vulnerable to USSD attacks |
| CVE-2022-1064 | 2022-03-25 | SQL injection through marking blog comments on bulk as spam in forkcms/forkcms |
| CVE-2022-1040 | 2022-03-25 | An authentication bypass vulnerability in the User Portal and Webadmin... |
| CVE-2022-27227 | 2022-03-25 | In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and... |
| CVE-2020-21554 | 2022-03-25 | A File Deletion vulnerability exists in TinyShop 3.1.1 in the... |
| CVE-2021-43090 | 2022-03-25 | An XML External Entity (XXE) vulnerability exists in soa-model before... |
| CVE-2021-46426 | 2022-03-25 | phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of... |
| CVE-2022-25574 | 2022-03-25 | A stored cross-site scripting (XSS) vulnerability in the upload function... |
| CVE-2021-43091 | 2022-03-25 | An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via... |
| CVE-2022-25577 | 2022-03-25 | ALF-BanCO v8.2.5 and below was discovered to use a hardcoded... |
| CVE-2022-24777 | 2022-03-25 | Denial of Service via reachable assertion in grpc-swift |
| CVE-2022-25582 | 2022-03-25 | A stored cross-site scripting (XSS) vulnerability in the Column module... |
| CVE-2022-26263 | 2022-03-25 | Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site... |
| CVE-2022-27881 | 2022-03-25 | engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21... |