CVE List - 2022 / April
Showing 1 - 100 of 2039 CVEs for April 2022 (Page 1 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-25691 | 2022-04-01 | A flaw was found in darkhttpd. Invalid error handling allows... |
| CVE-2021-33657 | 2022-04-01 | There is a heap overflow problem in video/SDL_pixels.c in SDL... |
| CVE-2022-26562 | 2022-04-01 | An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core <= v11.0.2.51 contains... |
| CVE-2022-22963 | 2022-04-01 | In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported... |
| CVE-2021-1942 | 2022-04-01 | Improper handling of permissions of a shared memory region can... |
| CVE-2021-1950 | 2022-04-01 | Improper cleaning of secure memory between authenticated users can lead... |
| CVE-2021-30328 | 2022-04-01 | Possible assertion due to improper validation of invalid NR CSI-IM... |
| CVE-2021-30329 | 2022-04-01 | Possible assertion due to improper validation of TCI configuration in... |
| CVE-2021-30331 | 2022-04-01 | Possible buffer overflow due to improper data validation of external... |
| CVE-2021-30332 | 2022-04-01 | Possible assertion due to improper validation of OTA configuration in... |
| CVE-2021-30333 | 2022-04-01 | Improper validation of buffer size input to the EFS file... |
| CVE-2021-35088 | 2022-04-01 | Possible out of bound read due to improper validation of... |
| CVE-2021-35089 | 2022-04-01 | Possible buffer overflow due to lack of input IB amount... |
| CVE-2021-35103 | 2022-04-01 | Possible out of bound write due to improper validation of... |
| CVE-2021-35105 | 2022-04-01 | Possible out of bounds access due to improper input validation... |
| CVE-2021-35106 | 2022-04-01 | Possible out of bound read due to improper length calculation... |
| CVE-2021-35110 | 2022-04-01 | Possible buffer overflow to improper validation of hash segment of... |
| CVE-2021-35115 | 2022-04-01 | Improper handling of multiple session supported by PVM backend can... |
| CVE-2021-35117 | 2022-04-01 | An Out of Bounds read may potentially occur while processing... |
| CVE-2022-25017 | 2022-04-01 | Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via... |
| CVE-2022-21947 | 2022-04-01 | rancher desktop: Dashboard API is network accessible |
| CVE-2021-36775 | 2022-04-01 | Deleting PRTBs associated to a group doesn't cause deletion of corresponding RoleBindings |
| CVE-2021-36776 | 2022-04-01 | Steve API proxy impersonation |
| CVE-2022-24181 | 2022-04-01 | Cross-site scripting (XSS) via Host Header injection in PKP Open... |
| CVE-2021-44135 | 2022-04-01 | pagekit all versions, as of 15-10-2021, is vulnerable to SQL... |
| CVE-2022-21235 | 2022-04-01 | Command Injection |
| CVE-2022-22327 | 2022-04-01 | IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses... |
| CVE-2022-22328 | 2022-04-01 | IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user... |
| CVE-2022-22331 | 2022-04-01 | IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated... |
| CVE-2022-22332 | 2022-04-01 | IBM Sterling Partner Engagement Manager 6.2.0 could allow an attacker... |
| CVE-2022-22404 | 2022-04-01 | IBM App Connect Enterprise Certified Container Dashboard UI (IBM App... |
| CVE-2022-24440 | 2022-04-01 | Command Injection |
| CVE-2022-21223 | 2022-04-01 | Command Injection |
| CVE-2022-1207 | 2022-04-01 | Out-of-bounds read in radareorg/radare2 |
| CVE-2022-24066 | 2022-04-01 | Command Injection |
| CVE-2022-23155 | 2022-04-01 | Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an... |
| CVE-2022-23156 | 2022-04-01 | Wyse Device Agent version 14.6.1.4 and below contain an Improper... |
| CVE-2022-23157 | 2022-04-01 | Wyse Device Agent version 14.6.1.4 and below contain a sensitive... |
| CVE-2022-23158 | 2022-04-01 | Wyse Device Agent version 14.6.1.4 and below contain a sensitive... |
| CVE-2022-24426 | 2022-04-01 | Dell Command | Update, Dell Update, and Alienware Update version... |
| CVE-2022-26565 | 2022-04-01 | A cross-site scripting (XSS) vulnerability in Totaljs all versions before... |
| CVE-2022-21830 | 2022-04-01 | A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9... |
| CVE-2022-22570 | 2022-04-01 | A buffer overflow vulnerability found in the UniFi Door Access... |
| CVE-2022-27177 | 2022-04-01 | A Python format string issue leading to information disclosure and... |
| CVE-2021-32961 | 2022-04-01 | MDT AutoSave Unrestricted Upload of File with Dangerous Type |
| CVE-2021-32953 | 2022-04-01 | MDT AutoSave SQL Injection |
| CVE-2021-32933 | 2022-04-01 | MDT AutoSave Command Injection |
| CVE-2021-32937 | 2022-04-01 | MDT AutoSave Generation of Error Message Containing Sensitive Information |
| CVE-2021-32957 | 2022-04-01 | MDT AutoSave Uncontrolled Search Path Element |
| CVE-2021-32949 | 2022-04-01 | MDT AutoSave Relative Path Traversal |
| CVE-2021-32945 | 2022-04-01 | MDT AutoSave Inadequate Encryption Strength |
| CVE-2021-32960 | 2022-04-01 | Rockwell Automation FactoryTalk Services Platform Protection Mechanism Failure |
| CVE-2021-32968 | 2022-04-01 | Moxa NPort IAW5000A-I/O Series Serial Device Server Classic Buffer Overflow |
| CVE-2021-32970 | 2022-04-01 | Moxa NPort IAW5000A-I/O Series Serial Device Server Improper Input Validation |
| CVE-2021-32974 | 2022-04-01 | Moxa NPort IAW5000A-I/O Series Serial Device Server Improper Input Validation |
| CVE-2021-32976 | 2022-04-01 | Moxa NPort IAW5000A-I/O Series Serial Device Server Stack-based Buffer Overflow |
| CVE-2021-27493 | 2022-04-01 | Philips Vue PACS |
| CVE-2021-27501 | 2022-04-01 | Philips Vue PACS Improper Adherence to Coding Standards |
| CVE-2021-33020 | 2022-04-01 | Philips Vue PACS Use of a Key Past its Expiration Date |
| CVE-2021-33024 | 2022-04-01 | Philips Vue PACS Insufficiently Protected Credentials |
| CVE-2021-27497 | 2022-04-01 | Philips Vue PACS Protection Mechanism Failure |
| CVE-2021-33022 | 2022-04-01 | Philips Vue PACS Cleartext Transmission of Sensitive Information |
| CVE-2021-33018 | 2022-04-01 | Philips Vue PACS Use of a Broken or Risky Cryptographic Algorithm |
| CVE-2022-1098 | 2022-04-01 | Delta Electronics DIAEnergie Uncontrolledly Search Path Element |
| CVE-2022-0922 | 2022-04-01 | ICSMA-22-088-01 Philips e-Alert |
| CVE-2022-1018 | 2022-04-01 | ICSA-22-088-01 Rockwell Automation ISaGRAF |
| CVE-2021-20238 | 2022-04-01 | It was found in OpenShift Container Platform 4 that ignition... |
| CVE-2021-23247 | 2022-04-01 | A command injection vulerability found in quick game engine allows... |
| CVE-2019-14839 | 2022-04-01 | It was observed that while login into Business-central console, HTTP... |
| CVE-2021-3847 | 2022-04-01 | An unauthorized access to the execution of the setuid file... |
| CVE-2022-22965 | 2022-04-01 | A Spring MVC or Spring WebFlux application running on JDK... |
| CVE-2022-22950 | 2022-04-01 | n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported... |
| CVE-2021-23287 | 2022-04-01 | Security issues in Intelligent Power Manager (IPM 1) |
| CVE-2021-23288 | 2022-04-01 | Security issues in Intelligent Power Protector |
| CVE-2022-0489 | 2022-04-01 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2022-0390 | 2022-04-01 | Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4,... |
| CVE-2022-0373 | 2022-04-01 | Improper access control in GitLab CE/EE versions 12.4 to 14.5.4,... |
| CVE-2021-39908 | 2022-04-01 | In all versions of GitLab CE/EE starting from 0.8.0 before... |
| CVE-2022-0425 | 2022-04-01 | A DNS rebinding vulnerability in the Irker IRC Gateway integration... |
| CVE-2022-0741 | 2022-04-01 | Improper input validation in all versions of GitLab CE/EE using... |
| CVE-2021-26623 | 2022-04-01 | Bandisoft ARK Library Out-of-bound Vulnerability |
| CVE-2021-26624 | 2022-04-01 | eScan Anti-Virus Local privilege escalation Vulnerability |
| CVE-2021-22277 | 2022-04-01 | AC 800M MMS - Denial of Service vulnerability in MMS communication |
| CVE-2021-32503 | 2022-04-01 | Unauthenticated users can access sensitive web URLs through GET request,... |
| CVE-2021-3461 | 2022-04-01 | A flaw was found in keycloak where keycloak may fail... |
| CVE-2021-20295 | 2022-04-01 | It was discovered that the update for the virt:rhel module... |
| CVE-2021-27223 | 2022-04-01 | A denial-of-service issue existed in one of modules that was... |
| CVE-2022-27534 | 2022-04-01 | Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with... |
| CVE-2021-28504 | 2022-04-01 | On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol fi ... |
| CVE-2022-1159 | 2022-04-01 | Rockwell Automation Studio 5000 Logix Designer Code Injection |
| CVE-2020-14479 | 2022-04-01 | ICSA-20-147-01 Inductive Automation Ignition (Update B) |
| CVE-2022-25959 | 2022-04-01 | Rockwell Automation Studio 5000 Logix Designer Improper Restriction of Operations within the Bounds of a Memory Buffer |
| CVE-2022-26417 | 2022-04-01 | Rockwell Automation Studio 5000 Logix Designer Use After Free |
| CVE-2022-26022 | 2022-04-01 | Rockwell Automation Studio 5000 Logix Designer Out-of-Bounds Write |
| CVE-2022-26419 | 2022-04-01 | Rockwell Automation Studio 5000 Logix Designer Code Injection |
| CVE-2022-1068 | 2022-04-01 | Modbus Tools Modbus Slave Stack-Based Buffer Overflow |
| CVE-2022-25155 | 2022-04-01 | Use of Password Hash Instead of Password for Authentication vulnerability... |
| CVE-2022-25156 | 2022-04-01 | Use of Weak Hash vulnerability in Mitsubishi Electric MELSEC iQ-F... |
| CVE-2022-25157 | 2022-04-01 | Use of Password Hash Instead of Password for Authentication vulnerability... |
| CVE-2022-25159 | 2022-04-01 | Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric MELSEC iQ-F... |