CVE List - 2022 / April
Showing 1901 - 2000 of 2039 CVEs for April 2022 (Page 20 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-38869 | 2022-04-27 | IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations... |
| CVE-2021-38874 | 2022-04-27 | IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users... |
| CVE-2021-38878 | 2022-04-27 | IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious... |
| CVE-2021-38919 | 2022-04-27 | IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios... |
| CVE-2021-38939 | 2022-04-27 | IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive... |
| CVE-2022-22312 | 2022-04-27 | IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in... |
| CVE-2022-22323 | 2022-04-27 | IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in... |
| CVE-2022-22345 | 2022-04-27 | IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site... |
| CVE-2022-23822 | 2022-04-27 | In this physical attack, an attacker may potentially exploit the... |
| CVE-2022-22275 | 2022-04-27 | Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic... |
| CVE-2022-22276 | 2022-04-27 | A vulnerability in SonicOS SNMP service resulting exposure of sensitive... |
| CVE-2022-22277 | 2022-04-27 | A vulnerability in SonicOS SNMP service resulting exposure of Wireless... |
| CVE-2022-22278 | 2022-04-27 | A vulnerability in SonicOS CFS (Content filtering service) returns a... |
| CVE-2021-25266 | 2022-04-27 | An insecure data storage vulnerability allows a physical attacker with... |
| CVE-2022-1507 | 2022-04-27 | chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in hpjansson/chafa |
| CVE-2022-24372 | 2022-04-27 | Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary... |
| CVE-2022-22315 | 2022-04-27 | IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user... |
| CVE-2022-28193 | 2022-04-27 | NVIDIA Jetson Linux Driver Package contains a vulnerability in the... |
| CVE-2022-28194 | 2022-04-27 | NVIDIA Jetson Linux Driver Package contains a vulnerability in the... |
| CVE-2022-28195 | 2022-04-27 | NVIDIA Jetson Linux Driver Package contains a vulnerability in the... |
| CVE-2022-28196 | 2022-04-27 | NVIDIA Jetson Linux Driver Package contains a vulnerability in the... |
| CVE-2022-28197 | 2022-04-27 | NVIDIA Jetson Linux Driver Package contains a vulnerability in the... |
| CVE-2022-24735 | 2022-04-27 | Lua scripts can be manipulated to overcome ACL rules in Redis |
| CVE-2022-24736 | 2022-04-27 | A Malformed Lua script can crash Redis |
| CVE-2021-3523 | 2022-04-27 | A flaw was found in 3Scale APICast in versions prior... |
| CVE-2022-29859 | 2022-04-27 | component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11... |
| CVE-2022-1511 | 2022-04-28 | Missing Authorization in snipe/snipe-it |
| CVE-2022-28892 | 2022-04-28 | Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to... |
| CVE-2022-29869 | 2022-04-28 | cifs-utils through 6.14, with verbose logging, can cause an information... |
| CVE-2022-28719 | 2022-04-28 | Missing authentication for critical function in AssetView prior to Ver.13.2.0... |
| CVE-2022-29811 | 2022-04-28 | In JetBrains Hub before 2022.1.14638 stored XSS via project icon... |
| CVE-2022-29812 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using... |
| CVE-2022-29813 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 local code execution via... |
| CVE-2022-29814 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 local code execution via... |
| CVE-2022-29815 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 local code execution via... |
| CVE-2022-29816 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE... |
| CVE-2022-29817 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error... |
| CVE-2022-29818 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 origin checks in the... |
| CVE-2022-29819 | 2022-04-28 | In JetBrains IntelliJ IDEA before 2022.1 local code execution via... |
| CVE-2022-29820 | 2022-04-28 | In JetBrains PyCharm before 2022.1 exposure of the debugger port... |
| CVE-2022-29821 | 2022-04-28 | In JetBrains Rider before 2022.1 local code execution via links... |
| CVE-2022-1509 | 2022-04-28 | Command Injection Vulnerability in hestiacp/hestiacp |
| CVE-2021-33436 | 2022-04-28 | NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer... |
| CVE-2021-41921 | 2022-04-28 | novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and... |
| CVE-2022-29152 | 2022-04-28 | The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write... |
| CVE-2022-24935 | 2022-04-28 | Lexmark products through 2022-02-10 have Incorrect Access Control. |
| CVE-2021-41945 | 2022-04-28 | Encode OSS httpx < 0.23.0 is affected by improper input... |
| CVE-2022-24873 | 2022-04-28 | Non-Stored Cross-site Scripting in Shopware storefront |
| CVE-2022-28101 | 2022-04-28 | Turtlapp Turtle Note v0.7.2.6 does not filter the <meta> tag... |
| CVE-2022-28102 | 2022-04-28 | A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel... |
| CVE-2022-28114 | 2022-04-28 | DSCMS v3.0 was discovered to contain an arbitrary file deletion... |
| CVE-2022-28117 | 2022-04-28 | A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate... |
| CVE-2022-24879 | 2022-04-28 | Malfunction of Cross-Site Request Forgery token validation |
| CVE-2022-24892 | 2022-04-28 | Multiple valid tokens for password reset in Shopware |
| CVE-2021-43930 | 2022-04-28 | Elcomplus SmartPtt Path Traversal |
| CVE-2021-43934 | 2022-04-28 | Elcomplus SmartPtt Unrestricted Upload of File with Dangerous Type |
| CVE-2021-43932 | 2022-04-28 | Elcomplus SmartPtt Cross-site Scripting |
| CVE-2021-43939 | 2022-04-28 | Elcomplus SmartPtt Improper Authorization |
| CVE-2022-22781 | 2022-04-28 | Update package downgrade in Zoom Client for Meetings for MacOS |
| CVE-2022-22782 | 2022-04-28 | Local privilege escalation in Windows Zoom Clients |
| CVE-2022-22783 | 2022-04-28 | Process memory exposure in Zoom on-premise Meeting services |
| CVE-2022-29584 | 2022-04-28 | Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 allows stored XSS... |
| CVE-2022-29585 | 2022-04-28 | In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site... |
| CVE-2022-27860 | 2022-04-28 | WordPress Footer Text plugin <= 2.0.3 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29415 | 2022-04-28 | WordPress Ravpage plugin <= 2.16 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-1514 | 2022-04-28 | Stored XSS via upload plugin functionality in zip format in neorazorx/facturascripts |
| CVE-2021-38952 | 2022-04-28 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2022-22322 | 2022-04-28 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2022-22427 | 2022-04-28 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2022-22441 | 2022-04-28 | IBM InfoSphere Information Server 11.7 could allow an authenticated user... |
| CVE-2022-22443 | 2022-04-28 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2022-29410 | 2022-04-28 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Authenticated SQL Injection (SQLi) vulnerability |
| CVE-2022-29413 | 2022-04-28 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29412 | 2022-04-28 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| CVE-2022-29411 | 2022-04-28 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Unauthenticated SQL Injection SQLi) vulnerability |
| CVE-2022-29081 | 2022-04-28 | Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro... |
| CVE-2022-28060 | 2022-04-28 | SQL Injection vulnerability in Victor CMS v1.0, via the user_name... |
| CVE-2022-24898 | 2022-04-28 | Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml |
| CVE-2022-28477 | 2022-04-28 | WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS). |
| CVE-2022-29555 | 2022-04-28 | The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before... |
| CVE-2022-29556 | 2022-04-28 | The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2... |
| CVE-2022-28454 | 2022-04-28 | Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS). |
| CVE-2022-24449 | 2022-04-28 | Solar appScreener through 3.10.4, when a valid license is not... |
| CVE-2021-3982 | 2022-04-29 | Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to... |
| CVE-2022-1015 | 2022-04-29 | A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c... |
| CVE-2022-29907 | 2022-04-29 | The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows... |
| CVE-2022-29906 | 2022-04-29 | The admin API module in the QuizGame extension for MediaWiki... |
| CVE-2022-29905 | 2022-04-29 | The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows... |
| CVE-2022-29904 | 2022-04-29 | The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows... |
| CVE-2022-29903 | 2022-04-29 | The Private Domains extension for MediaWiki through 1.37.2 (before 1ad65d4c1c199b375ea80988d99ab51ae068f766)... |
| CVE-2022-1526 | 2022-04-29 | Emlog Pro POST Parameter cross site scripting |
| CVE-2022-1530 | 2022-04-29 | Cross-site Scripting (XSS) in livehelperchat/livehelperchat |
| CVE-2022-1531 | 2022-04-29 | SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in rtxteam/rtx |
| CVE-2022-1534 | 2022-04-29 | Buffer Over-read at parse_rawml.c:1416 in bfabiszewski/libmobi |
| CVE-2022-1533 | 2022-04-29 | Buffer Over-read in bfabiszewski/libmobi |
| CVE-2021-41942 | 2022-04-29 | The Magic CMS MSVOD v10 video system has a SQL... |
| CVE-2021-44595 | 2022-04-29 | Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable... |
| CVE-2021-44596 | 2022-04-29 | Wondershare LTD Dr. Fone as of 2021-12-06 version is affected... |
| CVE-2022-1536 | 2022-04-29 | automad Dashboard cross site scripting |
| CVE-2021-41948 | 2022-04-29 | A cross-site scripting (XSS) vulnerability exists in the "contact us"... |