CVE List - 2022 / May
Showing 1401 - 1500 of 2161 CVEs for May 2022 (Page 15 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-28956 | 2022-05-18 | An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows... |
| CVE-2022-29638 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29639 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29640 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29641 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29642 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29643 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29644 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29645 | 2022-05-18 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a... |
| CVE-2022-29646 | 2022-05-18 | An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129... |
| CVE-2021-27548 | 2022-05-18 | There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode()... |
| CVE-2022-28917 | 2022-05-18 | Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow... |
| CVE-2022-22784 | 2022-05-18 | Improper XML Parsing in Zoom Client for Meetings |
| CVE-2022-22785 | 2022-05-18 | Improperly constrained session cookies in Zoom Client for Meetings |
| CVE-2022-22786 | 2022-05-18 | Update package downgrade in Zoom Client for Meetings for Windows |
| CVE-2022-1767 | 2022-05-18 | Server-Side Request Forgery (SSRF) in jgraph/drawio |
| CVE-2022-30105 | 2022-05-18 | In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp,... |
| CVE-2022-22787 | 2022-05-18 | Insufficient hostname validation during Clusterswitch message in Zoom Client for Meetings |
| CVE-2021-3922 | 2022-05-18 | A race condition vulnerability was reported in IMController, a software... |
| CVE-2021-3956 | 2022-05-18 | A read-only authentication bypass vulnerability was reported in the Third... |
| CVE-2021-3969 | 2022-05-18 | A Time of Check Time of Use (TOCTOU) vulnerability was... |
| CVE-2021-42848 | 2022-05-18 | An information disclosure vulnerability was reported in some Lenovo Personal... |
| CVE-2021-42849 | 2022-05-18 | A weak default password for the serial port was reported... |
| CVE-2021-42850 | 2022-05-18 | A weak default administrator password for the web interface and... |
| CVE-2021-42851 | 2022-05-18 | A vulnerability was reported in some Lenovo Personal Cloud Storage... |
| CVE-2021-42852 | 2022-05-18 | A command injection vulnerability was reported in some Lenovo Personal... |
| CVE-2022-1110 | 2022-05-18 | A buffer overflow vulnerability in Lenovo Smart Standby Driver prior... |
| CVE-2021-42700 | 2022-05-18 | Inkscape Out-of-bounds Read |
| CVE-2021-42702 | 2022-05-18 | Inkscape Access of Uninitialized Pointer |
| CVE-2021-42704 | 2022-05-18 | Inkscape Out-of-bounds Write |
| CVE-2022-1734 | 2022-05-18 | A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c... |
| CVE-2022-25161 | 2022-05-18 | Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series... |
| CVE-2022-28924 | 2022-05-18 | An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers... |
| CVE-2022-25162 | 2022-05-18 | Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series... |
| CVE-2022-0883 | 2022-05-18 | Windows Unquoted/Trusted Service Paths |
| CVE-2022-29445 | 2022-05-18 | WordPress Popup Box plugin <= 2.1.2 - Authenticated Local File Inclusion (LFI) vulnerability |
| CVE-2022-30596 | 2022-05-18 | A flaw was found in moodle where ID numbers displayed... |
| CVE-2022-22776 | 2022-05-18 | TIBCO BusinessConnect Trading Community Management Stored Cross Site Scripting Vulnerability |
| CVE-2022-22777 | 2022-05-18 | TIBCO BusinessConnect Trading Community Management Reflected Cross Site Scripting Vulnerability |
| CVE-2022-22778 | 2022-05-18 | TIBCO BusinessConnect Trading Community Management Cross-Site Request Forgery Vulnerability |
| CVE-2022-30597 | 2022-05-18 | A flaw was found in moodle where the description user... |
| CVE-2022-30598 | 2022-05-18 | A flaw was found in moodle where global search results... |
| CVE-2022-30599 | 2022-05-18 | A flaw was found in moodle where an SQL injection... |
| CVE-2022-28921 | 2022-05-18 | A Cross-Site Request Forgery (CSRF) vulnerability discovered in BlogEngine.Net v3.3.8.0... |
| CVE-2022-30111 | 2022-05-18 | Due to the use of an insecure algorithm for rolling... |
| CVE-2022-30600 | 2022-05-18 | A flaw was found in moodle where logic used to... |
| CVE-2022-25617 | 2022-05-18 | WordPress Code Snippets plugin <= 2.14.3 - Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-30033 | 2022-05-18 | Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via... |
| CVE-2021-38944 | 2022-05-18 | IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and... |
| CVE-2022-30990 | 2022-05-18 | Sensitive information disclosure due to insecure folder permissions |
| CVE-2022-30994 | 2022-05-18 | Cleartext transmission of sensitive information |
| CVE-2022-30993 | 2022-05-18 | Cleartext transmission of sensitive information |
| CVE-2022-30992 | 2022-05-18 | Open redirect via user-controlled query parameter |
| CVE-2022-30991 | 2022-05-18 | HTML injection via report name |
| CVE-2022-29230 | 2022-05-18 | Potential cross-site scripting (XSS) vulnerability in Hydrogen |
| CVE-2022-1774 | 2022-05-18 | Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio |
| CVE-2022-29229 | 2022-05-18 | Missing Cryptographic Step in cassproject |
| CVE-2022-30138 | 2022-05-18 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2022-1785 | 2022-05-19 | Out-of-bounds Write in vim/vim |
| CVE-2022-1796 | 2022-05-19 | Use After Free in vim/vim |
| CVE-2022-22978 | 2022-05-19 | In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+... |
| CVE-2022-28348 | 2022-05-19 | Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost... |
| CVE-2022-28350 | 2022-05-19 | Arm Mali GPU Kernel Driver allows improper GPU operations in... |
| CVE-2022-28349 | 2022-05-19 | Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0... |
| CVE-2022-1670 | 2022-05-19 | When generating a user invitation code in Octopus Server, the... |
| CVE-2022-1183 | 2022-05-19 | Destroying a TLS session early causes assertion failure |
| CVE-2022-30018 | 2022-05-19 | Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials,... |
| CVE-2022-1730 | 2022-05-19 | Cross-site Scripting (XSS) - Stored in jgraph/drawio |
| CVE-2021-41938 | 2022-05-19 | An issue was discovered in ShopXO CMS 2.2.0. After entering... |
| CVE-2021-45730 | 2022-05-19 | JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access... |
| CVE-2022-22976 | 2022-05-19 | Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to... |
| CVE-2021-26630 | 2022-05-19 | HANDY Groupware file download and execute vulnerability |
| CVE-2021-26631 | 2022-05-19 | Mangboard parameter modulation vulnerability |
| CVE-2021-37413 | 2022-05-19 | GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in... |
| CVE-2022-29446 | 2022-05-19 | WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability |
| CVE-2022-29449 | 2022-05-19 | WordPress Opal Hotel Room Booking plugin <= 1.2.7 - Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-28927 | 2022-05-19 | A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows... |
| CVE-2020-4970 | 2022-05-19 | IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6... |
| CVE-2022-30617 | 2022-05-19 | An authenticated user with access to the Strapi admin panel... |
| CVE-2022-30618 | 2022-05-19 | An authenticated user with access to the Strapi admin panel... |
| CVE-2022-1416 | 2022-05-19 | Missing sanitization of data in Pipeline error messages in GitLab... |
| CVE-2022-1413 | 2022-05-19 | Missing input masking in GitLab CE/EE affecting all versions starting... |
| CVE-2022-1423 | 2022-05-19 | Improper access control in the CI/CD cache mechanism in GitLab... |
| CVE-2020-16209 | 2022-05-19 | Fieldcomm Group HART-IP and hipserver - Stack-based Buffer Overflow |
| CVE-2021-32934 | 2022-05-19 | ThroughTek P2P SDK - Cleartext Transmission of Sensitive Information |
| CVE-2020-16231 | 2022-05-19 | All Bachmann M1 System Processor Modules - Use of Password Hash with Insufficient Computational Effort |
| CVE-2020-16235 | 2022-05-19 | Emerson OpenEnterprise - Inadequate Encryption Strength |
| CVE-2020-14496 | 2022-05-19 | Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A) - Permission Issues |
| CVE-2022-28946 | 2022-05-19 | An issue in the component ast/parser.go of Open Policy Agent... |
| CVE-2022-28948 | 2022-05-19 | An issue in the Unmarshal function in Go-Yaml v3 causes... |
| CVE-2022-28959 | 2022-05-19 | Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of... |
| CVE-2022-28960 | 2022-05-19 | A PHP injection vulnerability in Spip before v3.2.8 allows attackers... |
| CVE-2022-28961 | 2022-05-19 | Spip Web Framework v3.1.13 and below was discovered to contain... |
| CVE-2022-28962 | 2022-05-19 | Online Sports Complex Booking System 1.0 is vulnerable to SQL... |
| CVE-2022-29304 | 2022-05-19 | Online Sports Complex Booking System 1.0 is vulnerable to SQL... |
| CVE-2022-29652 | 2022-05-19 | Online Sports Complex Booking System 1.0 is vulnerable to SQL... |
| CVE-2020-4107 | 2022-05-19 | HCL Domino is affected by an Insufficient Access Control vulnerability |
| CVE-2022-21500 | 2022-05-19 | Vulnerability in Oracle E-Business Suite (component: Manage Proxies). The supported... |
| CVE-2022-29181 | 2022-05-20 | Improper Handling of Unexpected Data Type in Nokogiri |
| CVE-2022-28964 | 2022-05-20 | An arbitrary file write vulnerability in Avast Premium Security before... |