CVE List - 2022 / April
Showing 501 - 600 of 2039 CVEs for April 2022 (Page 6 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-43515 | 2022-04-08 | CSV Injection (aka Excel Macro Injection or Formula Injection) exists... |
| CVE-2022-1283 | 2022-04-08 | NULL Pointer Dereference in r_bin_ne_get_entrypoints function in radareorg/radare2 |
| CVE-2021-43498 | 2022-04-08 | An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php... |
| CVE-2022-1284 | 2022-04-08 | heap-use-after-free in radareorg/radare2 |
| CVE-2022-24821 | 2022-04-08 | Incorrect Use of Privileged APIs in org.xwiki.platform.skin.skinx |
| CVE-2022-24819 | 2022-04-08 | Unauthenticated user can retrieve the list of users through uorgsuggest.vm |
| CVE-2022-24820 | 2022-04-08 | Unauthenticated user can list hidden document from multiple velocity templates |
| CVE-2021-36287 | 2022-04-08 | Dell VNX2 for file version 8.1.21.266 and earlier, contain an... |
| CVE-2021-36288 | 2022-04-08 | Dell VNX2 for File version 8.1.21.266 and earlier, contain a... |
| CVE-2021-36290 | 2022-04-08 | Dell VNX2 for File version 8.1.21.266 and earlier, contain a... |
| CVE-2021-36293 | 2022-04-08 | Dell VNX2 for File version 8.1.21.266 and earlier, contain a... |
| CVE-2022-22563 | 2022-04-08 | Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information... |
| CVE-2022-24428 | 2022-04-08 | Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and... |
| CVE-2022-26851 | 2022-04-08 | Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from... |
| CVE-2022-26852 | 2022-04-08 | Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in... |
| CVE-2022-26854 | 2022-04-08 | Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A... |
| CVE-2022-26855 | 2022-04-08 | Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions... |
| CVE-2021-43009 | 2022-04-08 | A Cross Site Scripting (XSS) vulnerability exists in OpServices OpMon... |
| CVE-2022-26180 | 2022-04-08 | qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update... |
| CVE-2022-26588 | 2022-04-08 | A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers... |
| CVE-2022-28365 | 2022-04-09 | Reprise License Manager 14.2 is affected by an Information Disclosure... |
| CVE-2022-27883 | 2022-04-09 | A link following vulnerability in Trend Micro Antivirus for Mac... |
| CVE-2022-26877 | 2022-04-09 | Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local... |
| CVE-2022-28363 | 2022-04-09 | Reprise License Manager 14.2 is affected by a reflected cross-site... |
| CVE-2022-28364 | 2022-04-09 | Reprise License Manager 14.2 is affected by a reflected cross-site... |
| CVE-2022-1287 | 2022-04-09 | School Club Application System resource injection |
| CVE-2022-1288 | 2022-04-09 | School Club Application System cross site scripting |
| CVE-2022-1276 | 2022-04-10 | Out-of-bounds Read in mrb_get_args in mruby/mruby |
| CVE-2022-1286 | 2022-04-10 | heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby |
| CVE-2022-1289 | 2022-04-10 | tildearrow Furnace Incomplete Fix CVE-2022-1211 denial of service |
| CVE-2022-1290 | 2022-04-10 | Stored XSS in "Name", "Group Name" & "Title" in polonel/trudesk |
| CVE-2022-1291 | 2022-04-10 | XSS vulnerability with default `onCellHtmlData` function in hhurz/tableexport.jquery.plugin |
| CVE-2022-27295 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27294 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27293 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27291 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27292 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27290 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27289 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27287 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27288 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27286 | 2022-04-10 | D-Link DIR-619 Ax v1.00 was discovered to contain a stack... |
| CVE-2022-27280 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27279 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27276 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27277 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27274 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27275 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27272 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27273 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27270 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27271 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27268 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27269 | 2022-04-10 | InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was... |
| CVE-2022-27133 | 2022-04-10 | zbzcms v1.0 was discovered to contain an arbitrary file deletion... |
| CVE-2022-27131 | 2022-04-10 | An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzcms v1.0... |
| CVE-2022-27129 | 2022-04-10 | An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1.0... |
| CVE-2022-27127 | 2022-04-10 | zbzcms v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-27128 | 2022-04-10 | An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0... |
| CVE-2022-27126 | 2022-04-10 | zbzcms v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-27125 | 2022-04-10 | zbzcms v1.0 was discovered to contain a stored cross-site scripting... |
| CVE-2022-27476 | 2022-04-10 | A cross-site scripting (XSS) vulnerability at /admin/goods/update in Newbee-Mall v1.0.0... |
| CVE-2022-27958 | 2022-04-10 | Insecure permissions configured in the userid parameter at /user/getuserprofile of... |
| CVE-2022-27477 | 2022-04-10 | Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload... |
| CVE-2022-27960 | 2022-04-10 | Insecure permissions configured in the user_id parameter at SysUserController.java of... |
| CVE-2022-27961 | 2022-04-10 | A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4... |
| CVE-2022-24836 | 2022-04-11 | Inefficient Regular Expression Complexity in Nokogiri |
| CVE-2022-25794 | 2022-04-11 | An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2... |
| CVE-2022-28893 | 2022-04-11 | The SUNRPC subsystem in the Linux kernel through 5.17.2 can... |
| CVE-2021-32156 | 2022-04-11 | A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973... |
| CVE-2021-32157 | 2022-04-11 | A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via... |
| CVE-2021-32158 | 2022-04-11 | A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via... |
| CVE-2021-32159 | 2022-04-11 | A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973... |
| CVE-2021-32160 | 2022-04-11 | A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through... |
| CVE-2021-32161 | 2022-04-11 | A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through... |
| CVE-2021-32162 | 2022-04-11 | A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973... |
| CVE-2022-0936 | 2022-04-11 | Cross-site Scripting (XSS) - Stored in autolab/autolab |
| CVE-2022-1045 | 2022-04-11 | Stored XSS viva .svg file upload in polonel/trudesk |
| CVE-2022-1252 | 2022-04-11 | Use of a Broken or Risky Cryptographic Algorithm in gnuboard/gnuboard5 |
| CVE-2022-1295 | 2022-04-11 | Prototype Pollution in alvarotrigo/fullpage.js |
| CVE-2022-1296 | 2022-04-11 | Out-of-bounds read in `r_bin_ne_get_relocs` function in radareorg/radare2 |
| CVE-2022-1297 | 2022-04-11 | Out-of-bounds Read in r_bin_ne_get_entrypoints function in radareorg/radare2 |
| CVE-2022-0556 | 2022-04-11 | A local privilege escalation vulnerability caused by incorrect permission assignment... |
| CVE-2022-26413 | 2022-04-11 | A command injection vulnerability in the CGI program of Zyxel... |
| CVE-2022-26414 | 2022-04-11 | A potential buffer overflow vulnerability was identified in some internal... |
| CVE-2022-27041 | 2022-04-11 | Due to lack of protection, parameter student_id in OpenSIS Classic... |
| CVE-2022-27089 | 2022-04-11 | In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service path... |
| CVE-2022-27088 | 2022-04-11 | Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an unquoted... |
| CVE-2022-27115 | 2022-04-11 | In Studio-42 elFinder 2.1.60, there is a vulnerability that causes... |
| CVE-2022-27156 | 2022-04-11 | Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection. |
| CVE-2021-24986 | 2022-04-11 | Post Grid < 2.1.16 - Reflected Cross-Site Scripting via keyword |
| CVE-2021-24987 | 2022-04-11 | Super Socializer < 7.13.30 - Reflected Cross-Site Scripting |
| CVE-2021-25090 | 2022-04-11 | GridKit Portfolio < 2.1.0 - Subscriber+ Stored Cross-Site Scripting |
| CVE-2022-0246 | 2022-04-11 | iQ Block Country < 1.2.13 - Admin+ Arbitrary File Deletion via Zip Slip |
| CVE-2022-0271 | 2022-04-11 | LearnPress < 4.1.6 - Reflected Cross-Site Scripting |
| CVE-2022-0314 | 2022-04-11 | Nimble Page Builder < 3.2.2 - Reflected Cross-Site Scripting |
| CVE-2022-0447 | 2022-04-11 | Post Grid < 2.1.16 - Reflected Cross-Site Scripting via post_types |
| CVE-2022-0471 | 2022-04-11 | Favicon by RealFaviconGenerator < 1.3.23 - Reflected Cross-Site Scripting |
| CVE-2022-0531 | 2022-04-11 | WPvivid Backup and Migration Plugin < 0.9.70 - Reflected Cross-Site Scripting |
| CVE-2022-0728 | 2022-04-11 | Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting |