CVE List - 2022 / April
Showing 2001 - 2039 of 2039 CVEs for April 2022 (Page 21 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-24900 | 2022-04-29 | Absolute Path Traversal due to incorrect use of `send_file` call in Piano LED Visualizer |
| CVE-2022-28452 | 2022-04-29 | Red Planet Laundry Management System 1.0 is vulnerable to SQL... |
| CVE-2022-29856 | 2022-04-29 | A hardcoded cryptographic key in Automation360 22 allows an attacker... |
| CVE-2021-43937 | 2022-04-29 | Elcomplus SmartPTT SCADA Server Cross-site Request Forgery |
| CVE-2021-43938 | 2022-04-29 | Elcomplus SmartPTT SCADA Server Information Exposure |
| CVE-2022-1048 | 2022-04-29 | A use-after-free flaw was found in the Linux kernel’s sound... |
| CVE-2022-1114 | 2022-04-29 | A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of... |
| CVE-2022-1195 | 2022-04-29 | A use-after-free vulnerability was found in the Linux kernel in... |
| CVE-2022-1249 | 2022-04-29 | A NULL pointer dereference flaw was found in pesign's cms_set_pw_data()... |
| CVE-2022-1227 | 2022-04-29 | A privilege escalation flaw was found in Podman. This flaw... |
| CVE-2022-1353 | 2022-04-29 | A vulnerability was found in the pfkey_register function in net/key/af_key.c... |
| CVE-2022-0985 | 2022-04-29 | Insufficient capability checks could allow users with the moodle/site:uploadusers capability... |
| CVE-2021-39082 | 2022-04-29 | IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic... |
| CVE-2022-0984 | 2022-04-29 | Users with the capability to configure badge criteria (teachers and... |
| CVE-2021-4207 | 2022-04-29 | A flaw was found in the QXL display device emulation... |
| CVE-2022-1402 | 2022-04-29 | Delta Electronics ASDA-Soft Out-of-bounds Read |
| CVE-2022-1403 | 2022-04-29 | Delta Electronics ASDA-Soft Out-of-bounds Write |
| CVE-2022-28480 | 2022-04-29 | ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe. |
| CVE-2022-28994 | 2022-04-29 | Small HTTP Server version 3.06 suffers from a remote buffer... |
| CVE-2021-4206 | 2022-04-29 | A flaw was found in the QXL display device emulation... |
| CVE-2022-29937 | 2022-04-29 | USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to... |
| CVE-2022-29936 | 2022-04-29 | USU Oracle Optimization before 5.17 allows authenticated quantum users to... |
| CVE-2022-29935 | 2022-04-29 | USU Oracle Optimization before 5.17.5 allows attackers to discover the... |
| CVE-2022-29934 | 2022-04-29 | USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows... |
| CVE-2021-36207 | 2022-04-29 | Metasys privilege management |
| CVE-2022-29414 | 2022-04-29 | WordPress Subscribe To Comments Reloaded plugin <= 211130 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| CVE-2022-29451 | 2022-04-29 | WordPress Rara One Click Demo Import plugin <= 1.2.9 - Cross-Site Request Forgery (CSRF) leads to Arbitrary File Upload vulnerability |
| CVE-2022-1543 | 2022-04-29 | Improper handling of Length parameter in erudika/scoold |
| CVE-2022-29945 | 2022-04-29 | DJI drone devices sold in 2017 through 2022 broadcast unencrypted... |
| CVE-2022-25854 | 2022-04-29 | Cross-site Scripting (XSS) |
| CVE-2022-29947 | 2022-04-29 | Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue... |
| CVE-2022-28198 | 2022-04-29 | NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its... |
| CVE-2022-29967 | 2022-04-29 | static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal. |
| CVE-2022-29265 | 2022-04-30 | Improper Restriction of XML External Entity References in Multiple Components |
| CVE-2022-28323 | 2022-04-30 | An issue was discovered in MediaWiki through 1.37.2. The SecurePoll... |
| CVE-2021-41992 | 2022-04-30 | PingID Windows Login RSA cryptographic weakness with possible offline MFA bypass |
| CVE-2021-41993 | 2022-04-30 | PingID Android mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks |
| CVE-2021-41994 | 2022-04-30 | PingID iOS mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks |
| CVE-2021-42001 | 2022-04-30 | PingID Desktop encryption libraries misconfiguration can lead to sensitive data exposure |