CVE List - 2022 / May
Showing 1501 - 1600 of 2161 CVEs for May 2022 (Page 16 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-28965 | 2022-05-20 | Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe... |
| CVE-2022-28985 | 2022-05-20 | A stored cross-site scripting (XSS) vulnerability in the addNewPost component... |
| CVE-2021-34111 | 2022-05-20 | Thecus 4800Eco was discovered to contain a command injection vulnerability... |
| CVE-2022-28987 | 2022-05-20 | Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform... |
| CVE-2022-1754 | 2022-05-20 | Integer Overflow or Wraparound in polonel/trudesk |
| CVE-2022-1806 | 2022-05-20 | Cross-site Scripting (XSS) - Reflected in rtxteam/rtx |
| CVE-2022-25229 | 2022-05-20 | Popcorn Time 0.4.7 has a Stored XSS in the 'Movies... |
| CVE-2022-25227 | 2022-05-20 | Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability... |
| CVE-2022-25224 | 2022-05-20 | Proton v0.2.0 allows an attacker to create a malicious link... |
| CVE-2022-30551 | 2022-05-20 | OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker... |
| CVE-2022-31215 | 2022-05-20 | In certain Goverlan products, the Windows Firewall is temporarily turned... |
| CVE-2022-1784 | 2022-05-20 | Server-Side Request Forgery (SSRF) in jgraph/drawio |
| CVE-2022-29021 | 2022-05-20 | A buffer overflow vulnerability exists in the razerkbd driver of... |
| CVE-2022-29023 | 2022-05-20 | A buffer overflow vulnerability exists in the razermouse driver of... |
| CVE-2022-29022 | 2022-05-20 | A buffer overflow vulnerability exists in the razeraccessory driver of... |
| CVE-2022-26632 | 2022-05-20 | Multi-Vendor Online Groceries Management System v1.0 was discovered to contain... |
| CVE-2022-26633 | 2022-05-20 | Simple Student Quarterly Result/Grade System v1.0 was discovered to contain... |
| CVE-2022-26634 | 2022-05-20 | HMA VPN v5.3.5913.0 contains an unquoted service path which allows... |
| CVE-2022-27094 | 2022-05-20 | Sony PlayMemories Home v6.0 contains an unquoted service path which... |
| CVE-2022-28104 | 2022-05-20 | Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary... |
| CVE-2022-27095 | 2022-05-20 | BattlEye v0.9 contains an unquoted service path which allows attackers... |
| CVE-2022-28105 | 2022-05-20 | Online Sports Complex Booking System v1.0 was discovered to contain... |
| CVE-2022-28106 | 2022-05-20 | Online Sports Complex Booking System v1.0 was discovered to allow... |
| CVE-2022-28991 | 2022-05-20 | Multi Store Inventory Management System v1.0 was discovered to contain... |
| CVE-2022-28992 | 2022-05-20 | A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System... |
| CVE-2022-28993 | 2022-05-20 | Multi Store Inventory Management System v1.0 allows attackers to perform... |
| CVE-2022-29320 | 2022-05-20 | MiniTool Partition Wizard v12.0 contains an unquoted service path which... |
| CVE-2022-30518 | 2022-05-20 | ChatBot Application with a Suggestion Feature 1.0 was discovered to... |
| CVE-2022-30887 | 2022-05-20 | Pharmacy Management System v1.0 was discovered to contain a remote... |
| CVE-2022-30886 | 2022-05-20 | School Dormitory Management System v1.0 was discovered to contain a... |
| CVE-2022-24904 | 2022-05-20 | Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server |
| CVE-2022-24905 | 2022-05-20 | Argo CD login screen allows message spoofing if SSO is enabled |
| CVE-2022-29165 | 2022-05-20 | Argo CD will blindly trust JWT claims if anonymous access is enabled |
| CVE-2022-31245 | 2022-05-20 | mailcow before 2022-05d allows a remote authenticated user to inject... |
| CVE-2022-28660 | 2022-05-20 | The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x... |
| CVE-2021-43729 | 2022-05-20 | Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored... |
| CVE-2021-43728 | 2022-05-20 | Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored... |
| CVE-2021-30028 | 2022-05-20 | SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default... |
| CVE-2022-29159 | 2022-05-20 | Possibility for anyone to add a stack with existing tasks on anyone's board in Nextcloud Deck |
| CVE-2022-24906 | 2022-05-20 | Error in deleting deck cards attachment reveals the full application path in Nextcloud Deck |
| CVE-2022-29160 | 2022-05-20 | Sensitive files/data exist after deletion of user account in Nextcloud Android |
| CVE-2022-29163 | 2022-05-20 | Bypass of password requirements when sharing a folder via the Circles app in Nextcloud Server |
| CVE-2022-29170 | 2022-05-20 | Grafana Enterprise datasource network restrictions bypass via HTTP redirects |
| CVE-2022-29177 | 2022-05-20 | DoS via malicious p2p message in Go-Ethereum |
| CVE-2021-39043 | 2022-05-20 | IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2... |
| CVE-2022-22365 | 2022-05-20 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with... |
| CVE-2022-1770 | 2022-05-20 | Improper Privilege Management in polonel/trudesk |
| CVE-2022-28990 | 2022-05-20 | WASM3 v0.5.0 was discovered to contain a heap overflow via... |
| CVE-2022-29178 | 2022-05-20 | Incorrect Default Permissions in Cilium |
| CVE-2022-28531 | 2022-05-20 | Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL... |
| CVE-2022-29179 | 2022-05-20 | Improper Privilege Management in Cilium |
| CVE-2022-28995 | 2022-05-20 | Rengine v1.0.2 was discovered to contain a remote code execution... |
| CVE-2022-29182 | 2022-05-20 | DOM-based XSS in GoCD |
| CVE-2022-29183 | 2022-05-20 | Reflected XSS in GoCD |
| CVE-2022-29184 | 2022-05-20 | Command Injection/Argument Injection in GoCD |
| CVE-2022-29185 | 2022-05-20 | Observable Timing Discrepancy in totp-rs |
| CVE-2021-36833 | 2022-05-20 | WordPress MC4WP plugin <= 4.8.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29424 | 2022-05-20 | WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29425 | 2022-05-20 | WordPress Checkout Files Upload for WooCommerce plugin <= 2.1.2 - Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29448 | 2022-05-20 | WordPress Herd Effects plugin <= 5.2 - Local File Inclusion (LFI) vulnerability |
| CVE-2022-21195 | 2022-05-20 | Regular Expression Denial of Service (ReDoS) |
| CVE-2022-29426 | 2022-05-20 | WordPress Slideshow, Image Slider by 2J plugin <= 1.3.54 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-24434 | 2022-05-20 | Denial of Service (DoS) |
| CVE-2022-29427 | 2022-05-20 | WordPress Disable Right Click For WP plugin <= 1.1.6 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-29447 | 2022-05-20 | WordPress Hover Effects plugin <= 2.1 - Authenticated Local File Inclusion (LFI) vulnerability |
| CVE-2022-22973 | 2022-05-20 | VMware Workspace ONE Access and Identity Manager contain a privilege... |
| CVE-2022-22972 | 2022-05-20 | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain... |
| CVE-2022-29434 | 2022-05-20 | WordPress Spiffy Calendar plugin <= 4.9.0 - Edit/Delete event via IDOR vulnerability |
| CVE-2022-29186 | 2022-05-20 | Use of Hard-coded Cryptographic Key in rundeck/rundeck, rundeckpro/enterprise |
| CVE-2022-29192 | 2022-05-20 | Missing validation crashes `QuantizeAndDequantizeV4Grad` in TensorFlow |
| CVE-2022-29428 | 2022-05-20 | WordPress WP Slider Plugin <= 1.4.5 - Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29430 | 2022-05-20 | WordPress PNG to JPG plugin <= 4.0 - Cross-Site Request Forgery (CSRF) leading to Persistent Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29431 | 2022-05-20 | Remove CPT base <= 5.8 - CSRF leads to CPT base deletion |
| CVE-2022-29432 | 2022-05-20 | WordPress wpDataTables plugin <= 2.1.27 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-29191 | 2022-05-20 | Missing validation causes denial of service via `GetSessionTensor` in TensorFlow |
| CVE-2022-28618 | 2022-05-20 | A command injection security vulnerability has been identified in HPE... |
| CVE-2022-29194 | 2022-05-20 | Missing validation causes denial of service via `DeleteSessionTensor` in TensorFlow |
| CVE-2022-29193 | 2022-05-20 | Missing validation causes `TensorSummaryV2` in TensorFlow to crash |
| CVE-2022-29200 | 2022-05-20 | Missing validation causes denial of service in TensorFlow via `LSTMBlockCell` |
| CVE-2022-29199 | 2022-05-20 | Missing validation causes denial of service in TensorFlow via `LoadAndRemapMatrix` |
| CVE-2022-1803 | 2022-05-20 | Improper Restriction of Rendered UI Layers or Frames in polonel/trudesk |
| CVE-2022-29198 | 2022-05-20 | Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix` |
| CVE-2022-29196 | 2022-05-20 | Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2` |
| CVE-2022-29197 | 2022-05-20 | Missing validation causes denial of service in TensorFlow via `UnsortedSegmentJoin` |
| CVE-2022-29195 | 2022-05-20 | Missing validation causes denial of service in TensorFlow via `StagePeek` |
| CVE-2022-31258 | 2022-05-20 | In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before... |
| CVE-2022-29207 | 2022-05-20 | Undefined behavior when users supply invalid resource handles in TensorFlow |
| CVE-2022-29206 | 2022-05-20 | Missing validation results in undefined behavior in `SparseTensorDenseAdd` in TensorFlow |
| CVE-2022-29205 | 2022-05-20 | Segfault due to missing support for quantized types in TensorFlow |
| CVE-2022-29208 | 2022-05-20 | Segfault and Out-of-bounds Write write due to incomplete validation in TensorFlow |
| CVE-2022-1775 | 2022-05-20 | Weak Password Requirements in polonel/trudesk |
| CVE-2022-29204 | 2022-05-20 | Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2` |
| CVE-2022-29203 | 2022-05-20 | Integer overflow in `SpaceToBatchND` in TensorFlow |
| CVE-2022-29202 | 2022-05-20 | Denial of service in TensorFlow due to lack of validation in `tf.ragged.constant` |
| CVE-2022-29201 | 2022-05-20 | Missing validation in `QuantizedConv2D` results in undefined behavior in TensorFlow |
| CVE-2022-29212 | 2022-05-20 | Core dump when loading TFLite models with quantization in TensorFlow |
| CVE-2022-29211 | 2022-05-20 | Segfault in TensorFlow if `tf.histogram_fixed_width` is called with NaN values |
| CVE-2022-29209 | 2022-05-20 | Type confusion leading to `CHECK`-failure based denial of service in TensorFlow |
| CVE-2022-29210 | 2022-05-20 | Heap buffer overflow due to incorrect hash function in TensorFlow |
| CVE-2022-29213 | 2022-05-20 | Incomplete validation in signal ops leads to crashes in TensorFlow |