CVE List - 2022 / April
Showing 301 - 400 of 2039 CVEs for April 2022 (Page 4 of 21)
CVE ID | Date | Title |
---|---|---|
CVE-2022-25356 | 2022-04-05 | Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection. |
CVE-2021-33207 | 2022-04-05 | The HTTP client in MashZone NextGen through 10.7 GA deserializes... |
CVE-2022-1213 | 2022-04-05 | SSRF filter bypass port 80, 433 in livehelperchat/livehelperchat |
CVE-2022-1212 | 2022-04-05 | Use-After-Free in str_escape in mruby/mruby in mruby/mruby |
CVE-2021-39114 | 2022-04-05 | Affected versions of Atlassian Confluence Server and Data Center allow... |
CVE-2022-23909 | 2022-04-05 | There is an unquoted service path in Sherpa Connector Service... |
CVE-2022-25154 | 2022-04-05 | A DLL hijacking vulnerability in Samsung portable SSD T5 PC... |
CVE-2022-1235 | 2022-04-05 | Weak secrethash can be brute-forced in livehelperchat/livehelperchat |
CVE-2022-1236 | 2022-04-05 | Weak Password Requirements in weseek/growi |
CVE-2021-38834 | 2022-04-05 | easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox... |
CVE-2021-41245 | 2022-04-05 | Possible Cross-Site Request Forgery in Combodo iTop |
CVE-2022-1243 | 2022-04-05 | CRHTLF can lead to invalid protocol extraction potentially leading to XSS in medialize/uri.js |
CVE-2020-23349 | 2022-04-05 | An intent redirection issue was discovered in Sina Weibo Android... |
CVE-2021-27117 | 2022-04-05 | An issue was discovered in file profile.go in function GetCPUProfile... |
CVE-2021-27116 | 2022-04-05 | An issue was discovered in file profile.go in function MemProf... |
CVE-2021-30080 | 2022-04-05 | An issue was discovered in the route lookup process in... |
CVE-2021-41751 | 2022-04-05 | Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in... |
CVE-2022-27462 | 2022-04-05 | Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID... |
CVE-2020-28847 | 2022-04-05 | Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via... |
CVE-2021-28428 | 2022-04-05 | File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a... |
CVE-2020-19229 | 2022-04-05 | Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by... |
CVE-2022-27463 | 2022-04-05 | Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6,... |
CVE-2021-41752 | 2022-04-05 | Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct... |
CVE-2022-0602 | 2022-04-05 | Cross-site Scripting (XSS) - DOM in tastyigniter/tastyigniter |
CVE-2022-22355 | 2022-04-05 | IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable... |
CVE-2022-22356 | 2022-04-05 | IBM MQ Appliance 9.2 CD and 9.2 LTS could allow... |
CVE-2022-26635 | 2022-04-05 | PHP-Memcached v2.2.0 and below contains an improper NULL termination which... |
CVE-2022-1244 | 2022-04-05 | heap-buffer-overflow in radareorg/radare2 |
CVE-2022-28648 | 2022-04-05 | In JetBrains YouTrack before 2022.1.43563 HTML code from the issue... |
CVE-2022-28649 | 2022-04-05 | In JetBrains YouTrack before 2022.1.43563 it was possible to include... |
CVE-2022-28650 | 2022-04-05 | In JetBrains YouTrack before 2022.1.43700 it was possible to inject... |
CVE-2022-28651 | 2022-04-05 | In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to... |
CVE-2022-26630 | 2022-04-05 | Jellycms v3.8.1 and below was discovered to contain an arbitrary... |
CVE-2022-24978 | 2022-04-05 | Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation... |
CVE-2022-25245 | 2022-04-05 | Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know... |
CVE-2022-25373 | 2022-04-05 | Zoho ManageEngine SupportCenter Plus before 11020 allows Stored XSS in... |
CVE-2022-24780 | 2022-04-05 | Code Injection in Combodo iTop |
CVE-2022-28219 | 2022-04-05 | Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable... |
CVE-2022-24811 | 2022-04-05 | Cross-site Scripting in Combodo iTop |
CVE-2022-26628 | 2022-04-05 | Matrimony v1.0 was discovered to contain a SQL injection vulnerability... |
CVE-2022-27123 | 2022-04-05 | Employee Performance Evaluation v1.0 was discovered to contain a SQL... |
CVE-2022-27124 | 2022-04-05 | Insurance Management System 1.0 was discovered to contain a SQL... |
CVE-2022-27304 | 2022-04-05 | Student Grading System v1.0 was discovered to contain a SQL... |
CVE-2022-28115 | 2022-04-05 | Online Sports Complex Booking v1.0 was discovered to contain a... |
CVE-2022-28116 | 2022-04-05 | Online Banking System v1.0 was discovered to contain a SQL... |
CVE-2022-28467 | 2022-04-05 | Online Student Admission v1.0 was discovered to contain a SQL... |
CVE-2022-28468 | 2022-04-05 | Payroll Management System v1.0 was discovered to contain a SQL... |
CVE-2022-23974 | 2022-04-05 | Pinot segment push endpoint has a vulnerability in unprotected environments |
CVE-2022-24475 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2022-24523 | 2022-04-05 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
CVE-2022-26891 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2022-26894 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2022-26895 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2022-26900 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2022-26908 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2022-26909 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2022-26912 | 2022-04-05 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2021-43138 | 2022-04-06 | In Async before 2.6.4 and 3.x before 3.2.2, a malicious... |
CVE-2022-1238 | 2022-04-06 | Out-of-bounds Write in libr/bin/format/ne/ne.c in radareorg/radare2 |
CVE-2022-1253 | 2022-04-06 | Heap-based Buffer Overflow in strukturag/libde265 |
CVE-2022-24786 | 2022-04-06 | Potential out-of-bound read/write in PJSIP |
CVE-2022-24793 | 2022-04-06 | Potential heap buffer overflow when parsing DNS packets in PJSIP |
CVE-2022-26251 | 2022-04-06 | The HTTP interface of Synaman v5.1 and below was discovered... |
CVE-2022-26250 | 2022-04-06 | Synaman v5.1 and below was discovered to contain weak file... |
CVE-2022-26953 | 2022-04-06 | Digi Passport Firmware through 1.5.1,1 is affected by a buffer... |
CVE-2022-26952 | 2022-04-06 | Digi Passport Firmware through 1.5.1,1 is affected by a buffer... |
CVE-2021-45103 | 2022-04-06 | An issue was discovered in HTCondor 9.0.x before 9.0.10 and... |
CVE-2021-45104 | 2022-04-06 | An issue was discovered in HTCondor 9.0.x before 9.0.10 and... |
CVE-2022-26110 | 2022-04-06 | An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x... |
CVE-2021-30497 | 2022-04-06 | Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read... |
CVE-2021-40374 | 2022-04-06 | A stored cross-site scripting (XSS) vulnerability was identified in Apperta... |
CVE-2021-40375 | 2022-04-06 | Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the... |
CVE-2022-1248 | 2022-04-06 | SAP Information System POST Request add_admin.php improper authentication |
CVE-2022-1234 | 2022-04-06 | XSS in livehelperchat in livehelperchat/livehelperchat |
CVE-2022-23446 | 2022-04-06 | An improper control of a resource through its lifetime in... |
CVE-2020-29013 | 2022-04-06 | An improper input validation vulnerability in the sniffer interface of... |
CVE-2022-23441 | 2022-04-06 | A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR... |
CVE-2021-26112 | 2022-04-06 | Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons... |
CVE-2021-26114 | 2022-04-06 | Multiple improper neutralization of special elements used in an SQL... |
CVE-2021-24009 | 2022-04-06 | Multiple improper neutralization of special elements used in an OS... |
CVE-2021-32593 | 2022-04-06 | A use of a broken or risky cryptographic algorithm vulnerability... |
CVE-2021-43205 | 2022-04-06 | An exposure of sensitive information to an unauthorized actor vulnerability... |
CVE-2022-23440 | 2022-04-06 | A use of hard-coded cryptographic key vulnerability [CWE-321] in the... |
CVE-2021-44169 | 2022-04-06 | An improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and... |
CVE-2022-1237 | 2022-04-06 | Improper Validation of Array Index in radareorg/radare2 |
CVE-2022-1240 | 2022-04-06 | Heap buffer overflow in libr/bin/format/mach0/mach0.c in radareorg/radare2 |
CVE-2022-27107 | 2022-04-06 | OrangeHRM 4.10 is vulnerable to Stored XSS in the "Share... |
CVE-2022-27108 | 2022-04-06 | OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR)... |
CVE-2022-27109 | 2022-04-06 | OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability. |
CVE-2022-27110 | 2022-04-06 | OrangeHRM 4.10 is vulnerable to a Host header injection redirect... |
CVE-2022-22410 | 2022-04-06 | IBM Watson Query with Cloud Pak for Data as a... |
CVE-2021-26104 | 2022-04-06 | Multiple OS command injection (CWE-78) vulnerabilities in the command line... |
CVE-2021-41026 | 2022-04-06 | A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and... |
CVE-2021-22127 | 2022-04-06 | An improper input validation vulnerability in FortiClient for Linux 6.4.x... |
CVE-2021-32585 | 2022-04-06 | An improper neutralization of input during web page generation vulnerability... |
CVE-2021-26116 | 2022-04-06 | An improper neutralization of special elements used in an OS... |
CVE-2021-26113 | 2022-04-06 | A use of a one-way hash with a predictable salt... |
CVE-2022-24822 | 2022-04-06 | Denial of Service in @podium/layout and @podium/proxy |
CVE-2022-26850 | 2022-04-06 | Insufficiently protected credentials |
CVE-2022-20784 | 2022-04-06 | Cisco Web Security Appliance Filter Bypass Vulnerability |