CVE List - 2022 / May
Showing 1201 - 1300 of 2161 CVEs for May 2022 (Page 13 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-1051 | 2022-05-16 | WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields |
| CVE-2022-1062 | 2022-05-16 | th23 Social <= 1.2.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1089 | 2022-05-16 | Bulk Edit and Create User Profiles < 1.5.14 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1103 | 2022-05-16 | Advanced Uploader <= 4.2 - Subscriber+ Arbitrary File Upload |
| CVE-2022-1182 | 2022-05-16 | Visual Slide Box Builder <= 3.2.9 - Subscriber+ SQLi |
| CVE-2022-1216 | 2022-05-16 | Advanced Image Sitemap <= 1.2 - Reflected Cross-Site Scripting |
| CVE-2022-1217 | 2022-05-16 | Custom TinyMCE Shortcode Button <= 1.1 - Reflected Cross-Site Scripting |
| CVE-2022-1265 | 2022-05-16 | BulletProof Security < 6.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1267 | 2022-05-16 | BMI BMR Calculator <= 1.3 - Reflected Cross-Site Scripting |
| CVE-2022-1334 | 2022-05-16 | WP YouTube Live < 1.8.3 - Admin+ Stored Cross Site Scripting |
| CVE-2022-1349 | 2022-05-16 | WPQA < 5.2 - Subscriber+ Arbitrary Profile Picture Deletion via IDOR |
| CVE-2022-1386 | 2022-05-16 | Fusion Builder < 3.6.2 - Unauthenticated SSRF |
| CVE-2022-1393 | 2022-05-16 | WP Subtitle < 3.4.1 - Contributor+ Stored Cross-Site Scripting |
| CVE-2022-1398 | 2022-05-16 | External Media without Import <= 1.1.2 - Subscriber+ Blind SSRF |
| CVE-2022-1407 | 2022-05-16 | VikBooking Hotel Booking Engine & PMS < 1.5.7 - Stored Cross-Site Scripting via CSRF |
| CVE-2022-1408 | 2022-05-16 | VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1409 | 2022-05-16 | VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ PHP File Upload |
| CVE-2022-1418 | 2022-05-16 | Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF |
| CVE-2022-1425 | 2022-05-16 | WPQA < 5.2 - Subscriber+ Private Message Disclosure via IDOR |
| CVE-2022-1435 | 2022-05-16 | WPCargo Track & Trace < 6.9.5 - Admin+ Stored Cross Site Scripting |
| CVE-2022-1436 | 2022-05-16 | WPCargo Track & Trace < 6.9.5 - Reflected Cross Site Scripting |
| CVE-2022-1455 | 2022-05-16 | Call Now Button < 1.1.2 - Reflected Cross-Site Scripting |
| CVE-2022-1465 | 2022-05-16 | WPC Smart Wishlist for WooCommerce < 2.9.9 - Reflected Cross-Site Scripting |
| CVE-2022-1512 | 2022-05-16 | ScrollReveal.js Effects <= 1.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1557 | 2022-05-16 | ULeak Security & Monitoring <= 1.2.3 - Subscriber+ Stored Cross-Site Scripting |
| CVE-2022-1559 | 2022-05-16 | Clipr <= 1.2.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1560 | 2022-05-16 | Amministrazione Aperta < 3.8 - Admin+ LFI |
| CVE-2022-1722 | 2022-05-16 | SSRF in editor's proxy via IPv6 link-local address in jgraph/drawio |
| CVE-2022-1721 | 2022-05-16 | Path Traversal in WellKnownServlet in jgraph/drawio |
| CVE-2022-0574 | 2022-05-16 | Improper Access Control in publify/publify |
| CVE-2022-0578 | 2022-05-16 | Code Injection in publify/publify |
| CVE-2022-1713 | 2022-05-16 | SSRF on /proxy in jgraph/drawio |
| CVE-2022-1553 | 2022-05-16 | Leaking password protected articles content due to improper access control in publify/publify |
| CVE-2022-0573 | 2022-05-16 | JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure... |
| CVE-2022-1719 | 2022-05-16 | Reflected XSS on ticket filter function in polonel/trudesk |
| CVE-2022-1718 | 2022-05-16 | The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in polonel/trudesk |
| CVE-2022-30523 | 2022-05-16 | Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is... |
| CVE-2022-1728 | 2022-05-16 | Allowing long password leads to denial of service in polonel/trudesk in polonel/trudesk |
| CVE-2022-1726 | 2022-05-16 | Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table |
| CVE-2021-33318 | 2022-05-16 | An Input Validation Vulnerability exists in Joel Christner .NET C#... |
| CVE-2022-30050 | 2022-05-16 | Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting... |
| CVE-2022-30055 | 2022-05-16 | Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability... |
| CVE-2022-25169 | 2022-05-16 | Apache Tika BPGParser Memory Usage DoS |
| CVE-2022-30126 | 2022-05-16 | Apache Tika Regular Expression Denial of Service in Standards Extractor |
| CVE-2021-23265 | 2022-05-16 | Improper Privilege Management in Crafter Studio |
| CVE-2021-23266 | 2022-05-16 | Improper Output Neutralization for Logs in Crafter Studio |
| CVE-2021-23267 | 2022-05-16 | Improper Control of Dynamically-Managed Code Resources in Crafter Studio |
| CVE-2021-27442 | 2022-05-16 | Weintek EasyWeb cMT Cross-site Scripting |
| CVE-2021-27444 | 2022-05-16 | Weintek EasyWeb cMT Improper Access Control |
| CVE-2021-27446 | 2022-05-16 | Weintek EasyWeb cMT Code Injection |
| CVE-2022-30695 | 2022-05-16 | Local privilege escalation due to excessive permissions assigned to child processes |
| CVE-2022-30696 | 2022-05-16 | Local privilege escalation due to a DLL hijacking vulnerability |
| CVE-2022-30697 | 2022-05-16 | Local privilege escalation due to insecure folder permissions |
| CVE-2021-33001 | 2022-05-16 | xArrow SCADA Cross-site Scripting |
| CVE-2021-33021 | 2022-05-16 | xArrow SCADA Cross-site Scripting |
| CVE-2021-33025 | 2022-05-16 | xArrow SCADA Path Traversal |
| CVE-2022-1731 | 2022-05-16 | Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable... |
| CVE-2022-23657 | 2022-05-16 | A remote authentication bypass vulnerability was discovered in Aruba ClearPass... |
| CVE-2022-23658 | 2022-05-16 | A remote authentication bypass vulnerability was discovered in Aruba ClearPass... |
| CVE-2022-23659 | 2022-05-16 | A remote reflected cross site scripting (xss) vulnerability was discovered... |
| CVE-2022-23660 | 2022-05-16 | A remote authentication bypass vulnerability was discovered in Aruba ClearPass... |
| CVE-2022-23663 | 2022-05-16 | A authenticated remote command injection vulnerability was discovered in Aruba... |
| CVE-2022-23662 | 2022-05-16 | A authenticated remote command injection vulnerability was discovered in Aruba... |
| CVE-2022-23661 | 2022-05-16 | A authenticated remote command injection vulnerability was discovered in Aruba... |
| CVE-2022-23664 | 2022-05-16 | A authenticated remote command injection vulnerability was discovered in Aruba... |
| CVE-2022-23665 | 2022-05-16 | A authenticated remote command injection vulnerability was discovered in Aruba... |
| CVE-2022-23666 | 2022-05-16 | A authenticated remote command injection vulnerability was discovered in Aruba... |
| CVE-2022-23668 | 2022-05-16 | A remote authenticated server-side request forgery (ssrf) vulnerability was discovered... |
| CVE-2022-23667 | 2022-05-16 | A authenticated remote command injection vulnerability was discovered in Aruba... |
| CVE-2022-23670 | 2022-05-16 | A remote authenticated information disclosure vulnerability was discovered in Aruba... |
| CVE-2022-1706 | 2022-05-17 | A vulnerability was found in Ignition where ignition configs are... |
| CVE-2022-1733 | 2022-05-17 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-1735 | 2022-05-17 | Classic Buffer Overflow in vim/vim |
| CVE-2022-1769 | 2022-05-17 | Buffer Over-read in vim/vim |
| CVE-2022-28181 | 2022-05-17 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2022-28183 | 2022-05-17 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2022-28184 | 2022-05-17 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2022-28185 | 2022-05-17 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2022-30007 | 2022-05-17 | GXCMS V1.5 has a file upload vulnerability in the background.... |
| CVE-2022-30067 | 2022-05-17 | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through... |
| CVE-2022-30952 | 2022-05-17 | Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and... |
| CVE-2022-29162 | 2022-05-17 | Incorrect Default Permissions in runc |
| CVE-2022-1753 | 2022-05-17 | WoWonder Group requests.php access control |
| CVE-2013-10001 | 2022-05-17 | HTC One/Sense Mail Client certificate validation |
| CVE-2022-26650 | 2022-05-17 | Apache ShenYu (incubating) Regular expression denial of service |
| CVE-2022-1723 | 2022-05-17 | Server-Side Request Forgery (SSRF) in jgraph/drawio |
| CVE-2021-42943 | 2022-05-17 | Stored cross-site scripting (XSS) in admin/usermanager.php over IPPlan v4.92b allows... |
| CVE-2021-42643 | 2022-05-17 | cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability.... |
| CVE-2021-42644 | 2022-05-17 | cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability.... |
| CVE-2022-1711 | 2022-05-17 | Server-Side Request Forgery (SSRF) in jgraph/drawio |
| CVE-2022-30110 | 2022-05-17 | The file preview functionality in Jirafeau < 4.4.0, which is... |
| CVE-2022-29332 | 2022-05-17 | D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An... |
| CVE-2022-30945 | 2022-05-17 | Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any... |
| CVE-2022-30946 | 2022-05-17 | A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security... |
| CVE-2022-30947 | 2022-05-17 | Jenkins Git Plugin 4.11.1 and earlier allows attackers able to... |
| CVE-2022-30948 | 2022-05-17 | Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to... |
| CVE-2022-30949 | 2022-05-17 | Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to... |
| CVE-2022-30950 | 2022-05-17 | Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the... |
| CVE-2022-30951 | 2022-05-17 | Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the... |
| CVE-2022-30953 | 2022-05-17 | A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean... |