CVE List - 2022 / April
Showing 101 - 200 of 2039 CVEs for April 2022 (Page 2 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-25158 | 2022-04-01 | Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC... |
| CVE-2022-25160 | 2022-04-01 | Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC... |
| CVE-2022-1201 | 2022-04-02 | NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby |
| CVE-2022-28352 | 2022-04-02 | WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4... |
| CVE-2022-28355 | 2022-04-02 | randomUUID in Scala.js before 1.10.0 generates predictable values. |
| CVE-2022-28356 | 2022-04-02 | In the Linux kernel before 5.17.1, a refcount leak bug... |
| CVE-2022-28368 | 2022-04-03 | Dompdf 1.2.1 allows remote code execution via a .php file... |
| CVE-2022-1210 | 2022-04-03 | LibTIFF tiff2ps resource consumption |
| CVE-2022-28376 | 2022-04-03 | Verizon 5G Home LVSKIHP outside devices through 2022-02-15 allow anyone... |
| CVE-2022-0088 | 2022-04-03 | Cross-Site Request Forgery (CSRF) in yourls/yourls |
| CVE-2022-1211 | 2022-04-03 | tildearrow Furnace FUR to VGM Converter stack-based overflow |
| CVE-2022-28378 | 2022-04-03 | Craft CMS before 3.7.29 allows XSS. |
| CVE-2022-28379 | 2022-04-03 | jc21.com Nginx Proxy Manager before 2.9.17 allows XSS during item... |
| CVE-2022-28380 | 2022-04-03 | The rc-httpd component through 2022-03-31 for 9front (Plan 9 fork)... |
| CVE-2022-0405 | 2022-04-03 | Improper Access Control in janeczku/calibre-web |
| CVE-2022-28381 | 2022-04-03 | Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that... |
| CVE-2022-0406 | 2022-04-03 | Improper Authorization in janeczku/calibre-web |
| CVE-2022-28390 | 2022-04-03 | ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has... |
| CVE-2022-28389 | 2022-04-03 | mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has... |
| CVE-2022-28388 | 2022-04-03 | usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has... |
| CVE-2022-28391 | 2022-04-03 | BusyBox through 1.35.0 allows remote attackers to execute arbitrary code... |
| CVE-2021-30061 | 2022-04-03 | On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,... |
| CVE-2021-30062 | 2022-04-03 | On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and... |
| CVE-2021-30063 | 2022-04-03 | On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and... |
| CVE-2021-30064 | 2022-04-03 | On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,... |
| CVE-2021-30065 | 2022-04-03 | On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,... |
| CVE-2021-30066 | 2022-04-03 | On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,... |
| CVE-2022-26233 | 2022-04-03 | Barco Control Room Management through Suite 2.9 Build 0275 was... |
| CVE-2022-26530 | 2022-04-03 | swaylock before 1.6 allows attackers to trigger a crash and... |
| CVE-2022-27248 | 2022-04-03 | A directory traversal vulnerability in IdeaRE RefTree before 2021.09.17 allows... |
| CVE-2022-27249 | 2022-04-03 | An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17... |
| CVE-2022-1222 | 2022-04-04 | Inf loop in gpac/gpac |
| CVE-2022-24785 | 2022-04-04 | Path Traversal in Moment.js |
| CVE-2022-0939 | 2022-04-04 | Server-Side Request Forgery (SSRF) in janeczku/calibre-web |
| CVE-2022-24191 | 2022-04-04 | In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function... |
| CVE-2022-1224 | 2022-04-04 | Improper Authorization in phpipam/phpipam |
| CVE-2022-1223 | 2022-04-04 | Incorrect Authorization in phpipam/phpipam |
| CVE-2022-1225 | 2022-04-04 | Incorrect Privilege Assignment in phpipam/phpipam |
| CVE-2021-33616 | 2022-04-04 | RSA Archer 6.x through 6.9 SP1 P4 (6.9.1.4) allows stored... |
| CVE-2021-44138 | 2022-04-04 | There is a Directory traversal vulnerability in Caucho Resin, as... |
| CVE-2022-26616 | 2022-04-04 | PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows attackers... |
| CVE-2022-27435 | 2022-04-04 | An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows... |
| CVE-2022-27436 | 2022-04-04 | A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_user at Ecommerce-Website v1.1.0... |
| CVE-2022-28062 | 2022-04-04 | Car Rental System v1.0 contains an arbitrary file upload vulnerability... |
| CVE-2022-28063 | 2022-04-04 | Simple Bakery Shop Management System v1.0 contains a file disclosure... |
| CVE-2021-43454 | 2022-04-04 | An Unquoted Service Path vulnerability exists in AnyTXT Searcher 1.2.394... |
| CVE-2022-1026 | 2022-04-04 | Kyocera Net View Address Book Exposure |
| CVE-2021-43455 | 2022-04-04 | An Unquoted Service Path vulnerability exists in FreeLAN 2.2 via... |
| CVE-2021-43456 | 2022-04-04 | An Unquoted Service Path vulnerablility exists in Rumble Mail Server... |
| CVE-2021-43457 | 2022-04-04 | An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via... |
| CVE-2021-43458 | 2022-04-04 | An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1... |
| CVE-2021-43459 | 2022-04-04 | A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail... |
| CVE-2021-43460 | 2022-04-04 | An Unquoted Service Path vulnerability exists in System Explorer 7.0.0... |
| CVE-2021-43461 | 2022-04-04 | Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server... |
| CVE-2021-25048 | 2022-04-04 | KingComposer <= 2.9.6 - Subscriber+ Stored Cross-Site Scripting |
| CVE-2021-25113 | 2022-04-04 | Dropdown Menu Widget <= 1.9.7 - Subscriber+ Arbitrary Settings Update to Stored XSS |
| CVE-2022-0403 | 2022-04-04 | Library File Manager < 5.2.3 - Subscriber+ Arbitrary File Creation/Upload/Deletion |
| CVE-2022-0404 | 2022-04-04 | Material Design for Contact Form 7 <= 2.6.4 - Subscriber+ Arbitrary Settings Update leading to DoS |
| CVE-2022-0431 | 2022-04-04 | Google Pagespeed Insights < 4.0.4 - Reflected Cross-Site Scripting |
| CVE-2022-0537 | 2022-04-04 | MapPress Maps for WordPress < 2.73.13 - Admin+ File Upload to Remote Code Execution |
| CVE-2022-0709 | 2022-04-04 | Booking Package < 1.5.29 - Unauthenticated Sensitive Data Disclosure |
| CVE-2022-0825 | 2022-04-04 | Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update |
| CVE-2022-0830 | 2022-04-04 | FormBuilder <= 1.08 - Stored Cross-Site Scripting via CSRF |
| CVE-2022-0837 | 2022-04-04 | Amelia < 1.0.48 - Customer+ SMS Service Abuse and Sensitive Data Disclosure |
| CVE-2022-0864 | 2022-04-04 | UpdraftPlus < 1.22.9 - Reflected Cross-Site Scripting |
| CVE-2022-0884 | 2022-04-04 | Profile Builder < 3.6.8 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0887 | 2022-04-04 | Easy Social Icons < 3.1.4 - Admin+ SQL Injection |
| CVE-2022-0901 | 2022-04-04 | Ad Inserter < 2.7.12 - Reflected Cross-Site Scripting |
| CVE-2022-0958 | 2022-04-04 | Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1164 | 2022-04-04 | Wyzi < 2.4.3 - Reflected Cross-Site Scripting (XSS) |
| CVE-2022-1165 | 2022-04-04 | Blackhole for Bad Bots < 3.3.2 - Arbitrary IP Address Blocking via IP Spoofing |
| CVE-2022-1166 | 2022-04-04 | JobMonster < 4.6.6.1 - Directory Listing in Upload Folder |
| CVE-2022-1167 | 2022-04-04 | CareerUp < 2.3.1 - Unauthenticated Reflected Cross-Site Scripting |
| CVE-2022-1168 | 2022-04-04 | JobSearch < 1.5.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2022-1169 | 2022-04-04 | Careerfy < 3.9.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2022-1170 | 2022-04-04 | JobMonster < 4.5.2.9 - Unauthenticated Reflected Cross-Site Scripting |
| CVE-2021-43462 | 2022-04-04 | A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail... |
| CVE-2021-43463 | 2022-04-04 | An Unquoted Service Path vulnerability exists in Ext2Fsd v0.68 via... |
| CVE-2020-28062 | 2022-04-04 | An Access Control vulnerability exists in HisiPHP 2.0.11 via special... |
| CVE-2022-25569 | 2022-04-04 | Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use... |
| CVE-2022-24801 | 2022-04-04 | HTTP Request Smuggling in twisted.web |
| CVE-2021-43464 | 2022-04-04 | A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS... |
| CVE-2022-24787 | 2022-04-04 | Incorrect Comparison in Vyper |
| CVE-2022-24813 | 2022-04-04 | Authentication Bypass Using an Alternate Path or Channel in CreateWiki |
| CVE-2022-24814 | 2022-04-04 | Cross-site Scripting in Directus |
| CVE-2022-0990 | 2022-04-04 | Server-Side Request Forgery (SSRF) in janeczku/calibre-web |
| CVE-2022-26572 | 2022-04-04 | Xerox ColorQube 8580 was discovered to contain an access control... |
| CVE-2022-1233 | 2022-04-04 | URL Confusion When Scheme Not Supplied in medialize/uri.js |
| CVE-2022-27608 | 2022-04-04 | Forcepoint One Endpoint prior to version 22.01 installed on Microsoft... |
| CVE-2022-27609 | 2022-04-04 | Forcepoint One Endpoint prior to version 22.01 installed on Microsoft... |
| CVE-2022-23697 | 2022-04-04 | A remote cross-site scripting (xss) vulnerability was discovered in HPE... |
| CVE-2022-23698 | 2022-04-04 | A remote unauthenticated disclosure of information vulnerability was discovered in... |
| CVE-2022-23699 | 2022-04-04 | A local authentication restriction bypass vulnerability was discovered in HPE... |
| CVE-2022-23700 | 2022-04-04 | A local unauthorized read access to files vulnerability was discovered... |
| CVE-2022-27649 | 2022-04-04 | A flaw was found in Podman, where containers were started... |
| CVE-2022-27651 | 2022-04-04 | A flaw was found in buildah where containers were incorrectly... |
| CVE-2022-27650 | 2022-04-04 | A flaw was found in crun where containers were incorrectly... |
| CVE-2021-32977 | 2022-04-04 | AVEVA System Platform Improper Verification of Cryptographic Signature |
| CVE-2021-33010 | 2022-04-04 | AVEVA System Platform Uncaught Exception |
| CVE-2021-32985 | 2022-04-04 | AVEVA System Platform Origin Validation Error |