CVE List - 2022 / March
Showing 601 - 700 of 2065 CVEs for March 2022 (Page 7 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-25558 | 2022-03-09 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow... |
| CVE-2022-25560 | 2022-03-09 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow... |
| CVE-2022-25561 | 2022-03-09 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow... |
| CVE-2022-25566 | 2022-03-09 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow... |
| CVE-2021-46408 | 2022-03-09 | Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer... |
| CVE-2022-24995 | 2022-03-09 | Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow... |
| CVE-2022-0715 | 2022-03-09 | A CWE-287: Improper Authentication vulnerability exists that could cause an... |
| CVE-2022-22805 | 2022-03-09 | A CWE-120: Buffer Copy without Checking Size of Input ('Classic... |
| CVE-2022-22806 | 2022-03-09 | A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could... |
| CVE-2022-24349 | 2022-03-09 | Reflected XSS in action configuration window of Zabbix Frontend |
| CVE-2022-24917 | 2022-03-09 | Reflected XSS in service configuration window of Zabbix Frontend |
| CVE-2022-24918 | 2022-03-09 | Reflected XSS in item configuration window of Zabbix Frontend |
| CVE-2022-24919 | 2022-03-09 | Reflected XSS in graph configuration window of Zabbix Frontend |
| CVE-2022-22511 | 2022-03-09 | WAGO PLCs WBM vulnerable to reflected XSS |
| CVE-2022-24732 | 2022-03-09 | Maddy Mail Server does not implement account expiry |
| CVE-2022-0618 | 2022-03-09 | A program using swift-nio-http2 is vulnerable to a denial of... |
| CVE-2021-32025 | 2022-03-09 | An elevation of privilege vulnerability in the QNX Neutrino Kernel... |
| CVE-2021-44622 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44623 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2022-24734 | 2022-03-09 | Remote code execution in mybb |
| CVE-2022-24741 | 2022-03-09 | High memory usage in Nextcloud server |
| CVE-2021-44625 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44626 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44627 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44628 | 2022-03-09 | A Buffer Overflow vulnerabiltiy exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44629 | 2022-03-09 | A Buffer Overflow vulnerabilitiy exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44630 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44631 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2021-44632 | 2022-03-09 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8... |
| CVE-2022-24748 | 2022-03-09 | Incorrect Authentication in shopware |
| CVE-2022-24747 | 2022-03-09 | HTTP caching is marking private HTTP headers as public |
| CVE-2022-24746 | 2022-03-09 | HTML injection possibility in voucher code form |
| CVE-2022-24745 | 2022-03-09 | Guest session is shared between customers in shopware |
| CVE-2022-24744 | 2022-03-09 | Insufficient Session Expiration in shopware |
| CVE-2022-24753 | 2022-03-09 | Code injection in Stripe CLI on windows |
| CVE-2021-22783 | 2022-03-09 | A CWE-200: Information Exposure vulnerability exists which could allow a... |
| CVE-2022-24322 | 2022-03-09 | A CWE-119: Improper Restriction of Operations within the Bounds of... |
| CVE-2022-24323 | 2022-03-09 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability... |
| CVE-2022-0905 | 2022-03-10 | Missing Authorization in go-gitea/gitea |
| CVE-2022-24750 | 2022-03-10 | Low privilege user is able to exploit the service and gain SYSTEM privileges in UltraVNC server |
| CVE-2022-0890 | 2022-03-10 | NULL Pointer Dereference in mruby/mruby |
| CVE-2022-26652 | 2022-03-10 | NATS nats-server before 2.7.4 allows Directory Traversal (with write access)... |
| CVE-2022-26847 | 2022-03-10 | SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access... |
| CVE-2022-26846 | 2022-03-10 | SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated... |
| CVE-2021-38296 | 2022-03-10 | Apache Spark Key Negotiation Vulnerability |
| CVE-2022-0895 | 2022-03-10 | Static Code Injection in microweber/microweber |
| CVE-2021-32434 | 2022-03-10 | abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in... |
| CVE-2021-32435 | 2022-03-10 | Stack-based buffer overflow in the function get_key in parse.c of... |
| CVE-2021-32436 | 2022-03-10 | An out-of-bounds read in the function write_title() in subs.c of... |
| CVE-2021-33293 | 2022-03-10 | Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds... |
| CVE-2021-34122 | 2022-03-10 | The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has... |
| CVE-2022-0906 | 2022-03-10 | Unrestricted file upload leads to stored XSS in microweber/microweber |
| CVE-2022-22814 | 2022-03-10 | The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege... |
| CVE-2021-44269 | 2022-03-10 | An out of bounds read was found in Wavpack 5.4.0... |
| CVE-2022-24651 | 2022-03-10 | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads... |
| CVE-2022-24652 | 2022-03-10 | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads... |
| CVE-2021-44673 | 2022-03-10 | A Remote Code Execution (RCE) vulnerability exists in Croogo 3.0.2via... |
| CVE-2022-23036 | 2022-03-10 | Linux PV device frontends vulnerable to attacks by backends T[his... |
| CVE-2022-23037 | 2022-03-10 | Linux PV device frontends vulnerable to attacks by backends T[his... |
| CVE-2022-23038 | 2022-03-10 | Linux PV device frontends vulnerable to attacks by backends T[his... |
| CVE-2022-23039 | 2022-03-10 | Linux PV device frontends vulnerable to attacks by backends T[his... |
| CVE-2022-23040 | 2022-03-10 | Linux PV device frontends vulnerable to attacks by backends T[his... |
| CVE-2022-23041 | 2022-03-10 | Linux PV device frontends vulnerable to attacks by backends T[his... |
| CVE-2022-23042 | 2022-03-10 | Linux PV device frontends vulnerable to attacks by backends T[his... |
| CVE-2021-38910 | 2022-03-10 | IBM DataPower Gateway V10CD, 10.0.1, and 2108.4.1 could allow a... |
| CVE-2021-39022 | 2022-03-10 | IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided... |
| CVE-2021-39025 | 2022-03-10 | IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose... |
| CVE-2021-44585 | 2022-03-10 | A Cross Site Scripting (XSS) vulnerabilitiy exits in jeecg-boot 3.0... |
| CVE-2021-41233 | 2022-03-10 | Missing authorization in Nextcloud text |
| CVE-2022-24726 | 2022-03-10 | Unauthenticated control plane denial of service attack in Istio |
| CVE-2022-0815 | 2022-03-10 | McAfee WebAdvisor - Extension Fingerprinting vulnerability |
| CVE-2022-0280 | 2022-03-10 | McAfee Total Protection (MTP) - File Deletion vulnerability |
| CVE-2022-0820 | 2022-03-10 | Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore |
| CVE-2022-25506 | 2022-03-10 | FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-25507 | 2022-03-10 | FreeTAKServer-UI v1.9.8 was discovered to contain a stored cross-site scripting... |
| CVE-2022-25508 | 2022-03-10 | An access control issue in the component /ManageRoute/postRoute of FreeTAKServer... |
| CVE-2022-25510 | 2022-03-10 | FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows... |
| CVE-2022-25511 | 2022-03-10 | An issue in the ?filename= argument of the route /DataPackageTable... |
| CVE-2022-25512 | 2022-03-10 | FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket... |
| CVE-2022-0821 | 2022-03-10 | Improper Authorization in orchardcms/orchardcore |
| CVE-2021-32472 | 2022-03-11 | Teachers exporting a forum in CSV format could receive a... |
| CVE-2021-32476 | 2022-03-11 | A denial-of-service risk was identified in the draft files area,... |
| CVE-2021-32478 | 2022-03-11 | The redirect URI in the LTI authorization endpoint required extra... |
| CVE-2022-0871 | 2022-03-11 | Missing Authorization in gogs/gogs |
| CVE-2022-0907 | 2022-03-11 | Unchecked Return Value to NULL Pointer Dereference in tiffcrop in... |
| CVE-2022-0908 | 2022-03-11 | Null source pointer passed as an argument to memcpy() function... |
| CVE-2022-0909 | 2022-03-11 | Divide By Zero error in tiffcrop in libtiff 4.3.0 allows... |
| CVE-2022-0924 | 2022-03-11 | Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers... |
| CVE-2022-0932 | 2022-03-11 | Missing Authorization in saleor/saleor |
| CVE-2022-21819 | 2022-03-11 | NVIDIA distributions of Jetson Linux contain a vulnerability where an... |
| CVE-2020-36518 | 2022-03-11 | jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial... |
| CVE-2022-0001 | 2022-03-11 | Non-transparent sharing of branch predictor selectors between contexts in some... |
| CVE-2022-24754 | 2022-03-11 | Buffer overflow in pjsip |
| CVE-2022-0822 | 2022-03-11 | Cross-site Scripting (XSS) - Reflected in orchardcms/orchardcore |
| CVE-2022-26874 | 2022-03-11 | lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an... |
| CVE-2022-26878 | 2022-03-11 | drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory... |
| CVE-2018-25031 | 2022-03-11 | Swagger UI 4.1.2 and earlier could allow a remote attacker... |
| CVE-2021-46708 | 2022-03-11 | The swagger-ui-dist package before 4.1.3 for Node.js could allow a... |
| CVE-2022-21177 | 2022-03-11 | There is a path traversal vulnerability in CAMS for HIS... |
| CVE-2022-21194 | 2022-03-11 | The following Yokogawa Electric products do not change the passwords... |