CVE List - 2022 / March
Showing 1601 - 1700 of 2065 CVEs for March 2022 (Page 17 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-27882 | 2022-03-25 | slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an... |
| CVE-2022-24778 | 2022-03-25 | Incorrect Authorization in imgcrypt |
| CVE-2021-43636 | 2022-03-25 | Two Buffer Overflow vulnerabilities exists in T10 V2_Firmware V4.1.8cu.5207_B20210320 in... |
| CVE-2021-35254 | 2022-03-25 | Authenticated Remote Code Execution in WebHelpDesk 12.7.8 |
| CVE-2021-44462 | 2022-03-25 | Horner Automation Cscape EnvisionRV Improper Input Validation |
| CVE-2021-44477 | 2022-03-25 | GE Gas Power ToolBoxST Improper Restriction of XML External Entity Reference |
| CVE-2022-0988 | 2022-03-25 | Delta Electronics DIAEnergie CLEARTEXT Transmission of Sensitive Information |
| CVE-2021-44768 | 2022-03-25 | Delta Electronics CNCSoft Out-of-bounds Read |
| CVE-2022-25606 | 2022-03-25 | WordPress WP-DownloadManager plugin <= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-25610 | 2022-03-25 | WordPress Simple Ajax Chat plugin <= 20220115 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-25611 | 2022-03-25 | WordPress Simple Event Planner plugin <= 1.5.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-25612 | 2022-03-25 | WordPress Simple Event Planner plugin <= 1.5.4 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2021-26620 | 2022-03-25 | IPTIME NAS2dual improper authentication vulnerability |
| CVE-2021-26621 | 2022-03-25 | Netis Korea MEX01 Buffer overflow vulnerability |
| CVE-2021-26622 | 2022-03-25 | Genian NAC remote code execution vulnerability |
| CVE-2021-22100 | 2022-03-25 | In cloud foundry CAPI versions prior to 1.122, a denial-of-service... |
| CVE-2021-3422 | 2022-03-25 | Indexer denial-of-service via malformed S2S request |
| CVE-2021-4157 | 2022-03-25 | An out of memory bounds write flaw (1 or 2... |
| CVE-2021-4202 | 2022-03-25 | A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in... |
| CVE-2021-20290 | 2022-03-25 | An improper authorization handling flaw was found in Foreman. The... |
| CVE-2021-3567 | 2022-03-25 | A flaw was found in Caribou due to a regression... |
| CVE-2021-3582 | 2022-03-25 | A flaw was found in the QEMU implementation of VMWare's... |
| CVE-2021-3814 | 2022-03-25 | It was found that 3scale's APIdocs does not validate the... |
| CVE-2022-0322 | 2022-03-25 | A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c... |
| CVE-2021-20323 | 2022-03-25 | A POST based reflected Cross Site Scripting vulnerability on has... |
| CVE-2022-1049 | 2022-03-25 | A flaw was found in the Pacemaker configuration tool (pcs).... |
| CVE-2022-0500 | 2022-03-25 | A flaw was found in unrestricted eBPF usage by the... |
| CVE-2022-0494 | 2022-03-25 | A kernel information leak flaw was identified in the scsi_ioctl... |
| CVE-2022-0983 | 2022-03-25 | An SQL injection risk was identified in Badges code relating... |
| CVE-2022-0995 | 2022-03-25 | An out-of-bounds (OOB) memory write flaw was found in the... |
| CVE-2022-0759 | 2022-03-25 | A flaw was found in all versions of kubeclient up... |
| CVE-2022-25590 | 2022-03-25 | SurveyKing v0.2.0 was discovered to retain users' session cookies after... |
| CVE-2022-26573 | 2022-03-25 | Maccms v10 was discovered to contain multiple reflected cross-site scripting... |
| CVE-2022-27884 | 2022-03-25 | Maccms v10 was discovered to contain a reflected cross-site scripting... |
| CVE-2022-27885 | 2022-03-25 | Maccms v10 was discovered to contain multiple reflected cross-site scripting... |
| CVE-2022-27886 | 2022-03-25 | Maccms v10 was discovered to contain a reflected cross-site scripting... |
| CVE-2022-27887 | 2022-03-25 | Maccms v10 was discovered to contain a reflected cross-site scripting... |
| CVE-2022-27906 | 2022-03-25 | Mendelson OFTP2 before 1.1 b43 is affected by directory traversal.... |
| CVE-2022-27919 | 2022-03-25 | Gradle Enterprise before 2022.1 allows remote code execution if the... |
| CVE-2022-27920 | 2022-03-25 | libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver... |
| CVE-2022-26197 | 2022-03-25 | Joget DX 7 was discovered to contain a cross-site scripting... |
| CVE-2022-24643 | 2022-03-25 | A stored cross-site scripting (XSS) issue was discovered in the... |
| CVE-2021-44905 | 2022-03-25 | Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD... |
| CVE-2022-25523 | 2022-03-25 | TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2022-26659 | 2022-03-25 | Docker Desktop installer on Windows in versions before 4.6.0 allows... |
| CVE-2021-44683 | 2022-03-25 | The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing... |
| CVE-2022-24783 | 2022-03-25 | Sandbox bypass leading to arbitrary code execution in Deno |
| CVE-2022-24784 | 2022-03-25 | Discoverability of user password hash in Statamic CMS |
| CVE-2021-40904 | 2022-03-25 | The web management console of CheckMK Raw Edition (versions 1.5.0... |
| CVE-2021-40905 | 2022-03-25 | The web management console of CheckMK Enterprise Edition (versions 1.5.0... |
| CVE-2021-40906 | 2022-03-25 | CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not... |
| CVE-2022-22274 | 2022-03-25 | A Stack-based buffer overflow vulnerability in the SonicOS via HTTP... |
| CVE-2022-27939 | 2022-03-26 | tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6... |
| CVE-2022-27940 | 2022-03-26 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in... |
| CVE-2022-27941 | 2022-03-26 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in... |
| CVE-2022-27942 | 2022-03-26 | tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in... |
| CVE-2022-27943 | 2022-03-26 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const,... |
| CVE-2022-1071 | 2022-03-26 | User after free in mrb_vm_exec in mruby/mruby |
| CVE-2022-27938 | 2022-03-26 | stb_image.h (aka the stb image loader) 2.19, as used in... |
| CVE-2022-27945 | 2022-03-26 | NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute... |
| CVE-2022-27947 | 2022-03-26 | NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute... |
| CVE-2022-27946 | 2022-03-26 | NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute... |
| CVE-2022-26198 | 2022-03-26 | Notable v1.8.4 does not filter text editing, allowing attackers to... |
| CVE-2022-26258 | 2022-03-27 | D-Link DIR-820L 1.05B03 was discovered to contain remote command execution... |
| CVE-2022-26205 | 2022-03-27 | Marky commit 3686565726c65756e was discovered to contain a remote code... |
| CVE-2022-27948 | 2022-03-27 | Certain Tesla vehicles through 2022-03-26 allow attackers to open the... |
| CVE-2022-26245 | 2022-03-27 | Falcon-plus v0.3 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-1106 | 2022-03-27 | use after free in mrb_vm_exec in mruby/mruby |
| CVE-2022-26252 | 2022-03-27 | aaPanel v6.8.21 was discovered to be vulnerable to directory traversal.... |
| CVE-2022-26254 | 2022-03-27 | WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered... |
| CVE-2021-44127 | 2022-03-27 | In DLink DAP-1360 F1 firmware version <=v6.10 in the "webupg"... |
| CVE-2022-26255 | 2022-03-27 | Clash for Windows v0.19.8 was discovered to allow arbitrary code... |
| CVE-2022-1056 | 2022-03-28 | Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers... |
| CVE-2022-24303 | 2022-03-28 | Pillow before 9.0.1 allows attackers to delete files because spaces... |
| CVE-2022-26259 | 2022-03-28 | A buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL,... |
| CVE-2021-26598 | 2022-03-28 | ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows... |
| CVE-2022-26268 | 2022-03-28 | Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2021-26599 | 2022-03-28 | ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection. |
| CVE-2021-26600 | 2022-03-28 | ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication... |
| CVE-2021-26601 | 2022-03-28 | ImpressCMS before 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal. |
| CVE-2021-44208 | 2022-03-28 | OX App Suite through 7.10.5 allows XSS via an unknown... |
| CVE-2021-44209 | 2022-03-28 | OX App Suite through 7.10.5 allows XSS via an HTML... |
| CVE-2021-44210 | 2022-03-28 | OX App Suite through 7.10.5 allows XSS via NIFF (Notation... |
| CVE-2022-26271 | 2022-03-28 | 74cmsSE v3.4.1 was discovered to contain an arbitrary file read... |
| CVE-2021-44211 | 2022-03-28 | OX App Suite through 7.10.5 allows XSS via the class... |
| CVE-2021-44212 | 2022-03-28 | OX App Suite through 7.10.5 allows XSS via a trailing... |
| CVE-2021-44213 | 2022-03-28 | OX App Suite through 7.10.5 allows XSS via uuencoding in... |
| CVE-2021-44617 | 2022-03-28 | A SQL Injection vulnerability exits in the Ramo plugin for... |
| CVE-2022-26273 | 2022-03-28 | EyouCMS v1.5.4 was discovered to lack parameter filtering in \user\controller\shop.php,... |
| CVE-2021-45490 | 2022-03-28 | The client applications in 3CX on Windows, the 3CX app... |
| CVE-2021-45491 | 2022-03-28 | 3CX System through 2022-03-17 stores cleartext passwords in a database. |
| CVE-2022-27950 | 2022-03-28 | In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory... |
| CVE-2022-25757 | 2022-03-28 | Apache APISIX: the body_schema check in request-validation plugin can be bypassed |
| CVE-2021-46433 | 2022-03-28 | In fenom 2.12.1 and before, there is a way in... |
| CVE-2021-46434 | 2022-03-28 | EMQ X Dashboard V3.0.0 is affected by username enumeration in... |
| CVE-2022-23882 | 2022-03-28 | TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php. |
| CVE-2022-0342 | 2022-03-28 | An authentication bypass vulnerability in the CGI program of Zyxel... |
| CVE-2022-23884 | 2022-03-28 | Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer... |
| CVE-2021-43725 | 2022-03-28 | There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php... |
| CVE-2021-43721 | 2022-03-28 | Leanote 2.7.0 is vulnerable to Cross Site Scripting (XSS) in... |