CVE List - 2022 / May
Showing 801 - 900 of 2161 CVEs for May 2022 (Page 9 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-26378 | 2022-05-11 | Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. |
| CVE-2021-26349 | 2022-05-11 | Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). |
| CVE-2021-26364 | 2022-05-11 | Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to... |
| CVE-2021-26348 | 2022-05-11 | Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to... |
| CVE-2021-26373 | 2022-05-11 | Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. |
| CVE-2021-26376 | 2022-05-11 | Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service. |
| CVE-2021-26388 | 2022-05-11 | Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial... |
| CVE-2022-0024 | 2022-05-11 | PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit |
| CVE-2022-0025 | 2022-05-11 | Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability |
| CVE-2022-0026 | 2022-05-11 | Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability |
| CVE-2022-0027 | 2022-05-11 | Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports |
| CVE-2021-26400 | 2022-05-11 | AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. |
| CVE-2021-46744 | 2022-05-11 | An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time. |
| CVE-2021-30361 | 2022-05-11 | The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS. |
| CVE-2022-24101 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| CVE-2022-24102 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-24103 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-24104 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27785 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27786 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27787 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-27788 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-27789 | 2022-05-11 | Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27790 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27791 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2022-27792 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-27793 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-27794 | 2022-05-11 | Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| CVE-2022-27795 | 2022-05-11 | Adobe Acrobat Reader DC AcroForm isDefaultChecked Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27796 | 2022-05-11 | Adobe Acrobat Reader DC AcroForm isBoxChecked Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27797 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27798 | 2022-05-11 | Adobe Acrobat Reader DC zoomType Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-27799 | 2022-05-11 | Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27800 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27801 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27802 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-28230 | 2022-05-11 | Adobe Acrobat Reader DC AcroForm calculateNow Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-28231 | 2022-05-11 | Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28232 | 2022-05-11 | Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability |
| CVE-2022-30040 | 2022-05-11 | Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access... |
| CVE-2022-28233 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-28234 | 2022-05-11 | Adobe Acrobat Reader DC Heap Overflow Could Lead to RCE |
| CVE-2022-28235 | 2022-05-11 | Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-28236 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28237 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-28238 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2021-33315 | 2022-05-11 | The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on... |
| CVE-2021-33316 | 2022-05-11 | The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on... |
| CVE-2021-33317 | 2022-05-11 | The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if... |
| CVE-2021-31330 | 2022-05-11 | A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the... |
| CVE-2021-36614 | 2022-05-11 | Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| CVE-2022-28239 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2021-34085 | 2022-05-11 | Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact,... |
| CVE-2021-28290 | 2022-05-11 | A cross-site scripting (XSS) vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter. |
| CVE-2021-36613 | 2022-05-11 | Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| CVE-2021-42648 | 2022-05-11 | Cross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL. |
| CVE-2022-28240 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-28241 | 2022-05-11 | Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2022-30047 | 2022-05-11 | Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter. |
| CVE-2022-28242 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-30048 | 2022-05-11 | Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter. |
| CVE-2022-28243 | 2022-05-11 | Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2022-28244 | 2022-05-11 | Adobe Acrobat Reader DC CSP Bypass Leads To Privilege Escalation |
| CVE-2022-28245 | 2022-05-11 | Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28246 | 2022-05-11 | Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28247 | 2022-05-11 | Adobe Acrobat Uninstaller Hard Link Leads To Remote Code Execution |
| CVE-2022-28248 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28249 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28250 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| CVE-2022-28251 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28252 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28253 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28254 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28255 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-30058 | 2022-05-11 | Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php. |
| CVE-2022-28256 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| CVE-2022-30059 | 2022-05-11 | Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php. |
| CVE-2022-24584 | 2022-05-11 | Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When... |
| CVE-2022-28257 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28258 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28259 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-30057 | 2022-05-11 | Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability. |
| CVE-2022-28260 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28261 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-30452 | 2022-05-11 | ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php |
| CVE-2022-28262 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28263 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-30453 | 2022-05-11 | ShopWind <= 3.4.2 has a RCE vulnerability in Database.php |
| CVE-2022-28264 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-29845 | 2022-05-11 | In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents... |
| CVE-2022-29846 | 2022-05-11 | In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. |
| CVE-2022-29847 | 2022-05-11 | In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp... |
| CVE-2022-29848 | 2022-05-11 | In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system... |
| CVE-2022-28265 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28266 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28267 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-28268 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-30061 | 2022-05-11 | ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. |
| CVE-2022-28269 | 2022-05-11 | Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| CVE-2022-28837 | 2022-05-11 | Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability |