CVE List - 2022 / April
Showing 1001 - 1100 of 2039 CVEs for April 2022 (Page 11 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-22181 | 2022-04-14 | Junos OS: J-Web can be compromised through reflected XSS attacks |
| CVE-2022-22182 | 2022-04-14 | Junos OS: A XSS vulnerability allows an attacker to execute commands on a target J-Web session |
| CVE-2022-22183 | 2022-04-14 | Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port. |
| CVE-2022-22185 | 2022-04-14 | Junos OS: SRX Series: Denial of service vulnerability in flowd daemon upon receipt of a specific fragmented packet |
| CVE-2022-22186 | 2022-04-14 | Junos OS: EX4650 Series: Certain traffic received by the Junos OS device on the management interface may be forwarded to egress interfaces instead of discarded |
| CVE-2022-22187 | 2022-04-14 | JIMS: Local Privilege Escalation vulnerability via repair functionality |
| CVE-2022-22188 | 2022-04-14 | Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang. |
| CVE-2022-22189 | 2022-04-14 | Contrail Service Orchestration: An authenticated local user may have their permissions elevated via the device via management interface without authentication |
| CVE-2022-22190 | 2022-04-14 | Paragon Active Assurance Control Center: Information disclosure vulnerability in crafted URL |
| CVE-2022-22191 | 2022-04-14 | Junos OS: EX4300: PFE Denial of Service (DoS) upon receipt of a flood of specific ARP traffic |
| CVE-2022-22193 | 2022-04-14 | Junos OS and Junos OS Evolved: In a BGP rib-sharding scenario when a certain CLI command is executed the rpd process might crash |
| CVE-2022-22194 | 2022-04-14 | Junos OS Evolved: PTX series: An attacker sending a crafted GRE packet will cause the PFE to restart |
| CVE-2022-22195 | 2022-04-14 | Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash |
| CVE-2022-22196 | 2022-04-14 | Junos OS and Junos OS Evolved: The rpd CPU spikes to 100% after a malformed ISIS TLV has been received |
| CVE-2022-22197 | 2022-04-14 | Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening |
| CVE-2022-22198 | 2022-04-14 | Junos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format |
| CVE-2022-27814 | 2022-04-14 | SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option. |
| CVE-2022-27817 | 2022-04-14 | SWHKD 1.1.5 consumes the keyboard events of unintended users. This... |
| CVE-2022-22391 | 2022-04-14 | IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an... |
| CVE-2021-43257 | 2022-04-14 | Lack of Neutralization of Formula Elements in the CSV API... |
| CVE-2021-21914 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality... |
| CVE-2021-21938 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the Palette box... |
| CVE-2021-21939 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the XWD parser... |
| CVE-2021-21942 | 2022-04-14 | An out-of-bounds write vulnerability exists in the TIFF YCbCr image... |
| CVE-2021-21943 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the XWD parser... |
| CVE-2021-21944 | 2022-04-14 | Two heap-based buffer overflow vulnerabilities exist in the TIFF parser... |
| CVE-2021-21945 | 2022-04-14 | Two heap-based buffer overflow vulnerabilities exist in the TIFF parser... |
| CVE-2021-21946 | 2022-04-14 | Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless... |
| CVE-2021-21947 | 2022-04-14 | Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless... |
| CVE-2021-21948 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality... |
| CVE-2021-21949 | 2022-04-14 | An improper array index validation vulnerability exists in the JPEG-JFIF... |
| CVE-2021-21956 | 2022-04-14 | A php unserialize vulnerability exists in the Ai-Bolit functionality of... |
| CVE-2021-21967 | 2022-04-14 | An out-of-bounds write vulnerability exists in the OTA update task... |
| CVE-2021-40390 | 2022-04-14 | An authentication bypass vulnerability exists in the Web Application functionality... |
| CVE-2021-40392 | 2022-04-14 | An information disclosure vulnerability exists in the Web Application functionality... |
| CVE-2021-40398 | 2022-04-14 | An out-of-bounds write vulnerability exists in the parse_raster_data functionality of... |
| CVE-2021-40400 | 2022-04-14 | An out-of-bounds read vulnerability exists in the RS-274X aperture macro... |
| CVE-2021-40402 | 2022-04-14 | An out-of-bounds read vulnerability exists in the RS-274X aperture macro... |
| CVE-2021-40405 | 2022-04-14 | A denial of service vulnerability exists in the cgiserver.cgi Upgrade... |
| CVE-2021-40422 | 2022-04-14 | An authentication bypass vulnerability exists in the device password generation... |
| CVE-2021-40424 | 2022-04-14 | An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and... |
| CVE-2021-40425 | 2022-04-14 | An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and... |
| CVE-2021-40426 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the sphere.c start_read()... |
| CVE-2021-44354 | 2022-04-14 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON... |
| CVE-2021-44355 | 2022-04-14 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON... |
| CVE-2021-44356 | 2022-04-14 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON... |
| CVE-2021-44357 | 2022-04-14 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON... |
| CVE-2021-44366 | 2022-04-14 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON... |
| CVE-2021-44375 | 2022-04-14 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON... |
| CVE-2021-44394 | 2022-04-14 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON... |
| CVE-2022-21145 | 2022-04-14 | A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality... |
| CVE-2022-21154 | 2022-04-14 | An integer overflow vulnerability exists in the fltSaveCMP functionality of... |
| CVE-2022-21210 | 2022-04-14 | An SQL injection vulnerability exists in the AssetActions.aspx functionality of... |
| CVE-2022-21234 | 2022-04-14 | An SQL injection vulnerability exists in the EchoAssets.aspx functionality of... |
| CVE-2022-22149 | 2022-04-14 | A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of... |
| CVE-2022-28711 | 2022-04-14 | A memory corruption vulnerability exists in the cgi.c unescape functionality... |
| CVE-2022-1304 | 2022-04-14 | An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This... |
| CVE-2022-27848 | 2022-04-14 | WordPress Modern Events Calendar Lite plugin <= 6.5.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-22966 | 2022-04-14 | An authenticated, high privileged malicious actor with network access to... |
| CVE-2022-22968 | 2022-04-14 | In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20,... |
| CVE-2021-28505 | 2022-04-14 | On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol. |
| CVE-2020-25150 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-16238 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25156 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25152 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25160 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25158 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25162 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25154 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25166 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25164 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2020-25168 | 2022-04-14 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus |
| CVE-2022-24824 | 2022-04-14 | Anonymous user cache poisoning in discourse |
| CVE-2022-24846 | 2022-04-14 | Unchecked JNDI lookups in GeoWebCache |
| CVE-2022-24850 | 2022-04-14 | Category group permissions leaked in Discourse |
| CVE-2022-24849 | 2022-04-14 | Contact to DisCatSharp-owned server using authenticated client |
| CVE-2022-24855 | 2022-04-14 | XSS vulnerability in Metabase |
| CVE-2022-24854 | 2022-04-14 | Database bypassing any permissions in Metabase via SQlite attach |
| CVE-2022-24853 | 2022-04-14 | File system exposure in Metabase |
| CVE-2022-26498 | 2022-04-15 | An issue was discovered in Asterisk through 19.x. When using... |
| CVE-2022-26499 | 2022-04-15 | An SSRF issue was discovered in Asterisk through 19.x. When... |
| CVE-2022-26651 | 2022-04-15 | An issue was discovered in Asterisk through 19.x and Certified... |
| CVE-2022-28041 | 2022-04-15 | stb_image.h v2.27 was discovered to contain an integer overflow via... |
| CVE-2022-28042 | 2022-04-15 | stb_image.h v2.27 was discovered to contain an heap-based use-after-free via... |
| CVE-2022-26034 | 2022-04-15 | Improper authentication vulnerability in the communication protocol provided by AD... |
| CVE-2022-27188 | 2022-04-15 | OS command injection vulnerability exists in CENTUM VP R4.01.00 to... |
| CVE-2021-40386 | 2022-04-15 | Kaseya Unitrends Client/Agent through 10.5,5 allows remote attackers to execute... |
| CVE-2022-28345 | 2022-04-15 | The Signal app before 5.34 for iOS allows URI spoofing... |
| CVE-2022-28870 | 2022-04-15 | Address Bar Spoofing Vulnerability in F-Secure SAFE Browser for Android |
| CVE-2022-28868 | 2022-04-15 | Address Bar Spoofing Vulnerability in F-Secure SAFE Browser for Android |
| CVE-2022-28869 | 2022-04-15 | Address Bar Spoofing Vulnerability in F-Secure SAFE Browser for Android |
| CVE-2022-27474 | 2022-04-15 | SuiteCRM v7.11.23 was discovered to allow remote code execution via... |
| CVE-2022-28044 | 2022-04-15 | Irzip v0.640 was discovered to contain a heap memory corruption... |
| CVE-2022-28048 | 2022-04-15 | STB v2.27 was discovered to contain an integer shift of... |
| CVE-2022-28049 | 2022-04-15 | NGINX NJS 0.7.2 was discovered to contain a NULL pointer... |
| CVE-2022-27043 | 2022-04-15 | Yearning versions 2.3.1 and 2.3.2 Interstellar GA and 2.3.4 -... |
| CVE-2022-20719 | 2022-04-15 | Cisco IOx Application Hosting Environment Vulnerabilities |
| CVE-2022-20718 | 2022-04-15 | Cisco IOx Application Hosting Environment Vulnerabilities |
| CVE-2022-20717 | 2022-04-15 | Cisco SD-WAN vEdge Routers Denial of Service Vulnerability |
| CVE-2022-20716 | 2022-04-15 | Cisco SD-WAN Solution Improper Access Control Vulnerability |