CVE List - 2022 / May
Showing 2001 - 2100 of 2161 CVEs for May 2022 (Page 21 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-30496 | 2022-05-27 | SQL injection in Logon Page of IDCE MV's application, version... |
| CVE-2022-24238 | 2022-05-27 | ACEweb Online Portal 3.5.065 was discovered to contain a cross-site... |
| CVE-2022-24239 | 2022-05-27 | ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted... |
| CVE-2022-24240 | 2022-05-27 | ACEweb Online Portal 3.5.065 was discovered to contain a SQL... |
| CVE-2022-24241 | 2022-05-27 | ACEweb Online Portal 3.5.065 was discovered to contain an External... |
| CVE-2022-24581 | 2022-05-27 | ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via... |
| CVE-2022-29692 | 2022-05-27 | Unicorn Engine v1.0.3 was discovered to contain a use-after-free vulnerability... |
| CVE-2022-29693 | 2022-05-27 | Unicorn Engine v2.0.0-rc7 and below was discovered to contain a... |
| CVE-2022-29694 | 2022-05-27 | Unicorn Engine v2.0.0-rc7 and below was discovered to contain a... |
| CVE-2022-29695 | 2022-05-27 | Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete... |
| CVE-2022-25878 | 2022-05-27 | Prototype Pollution |
| CVE-2022-29628 | 2022-05-27 | A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market... |
| CVE-2022-29627 | 2022-05-27 | An insecure direct object reference (IDOR) in Online Market Place... |
| CVE-2022-31782 | 2022-05-27 | ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based... |
| CVE-2022-1927 | 2022-05-29 | Buffer Over-read in vim/vim |
| CVE-2022-1928 | 2022-05-29 | Cross-site Scripting (XSS) - Stored in go-gitea/gitea |
| CVE-2022-31796 | 2022-05-29 | libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in... |
| CVE-2022-24967 | 2022-05-29 | Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site Scripting (XSS). |
| CVE-2022-31799 | 2022-05-29 | Bottle before 0.12.20 mishandles errors during early request binding. |
| CVE-2022-1203 | 2022-05-30 | Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update |
| CVE-2022-0376 | 2022-05-30 | User Meta < 2.4.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0642 | 2022-05-30 | JivoChat < 1.3.5.4 - Stored Cross-Site Scripting via CSRF |
| CVE-2022-1009 | 2022-05-30 | Smush < 3.9.9 - Admin+ Reflected Cross-Site Scripting |
| CVE-2022-1275 | 2022-05-30 | BannerMan <= 0.2.4 - Multiple Admin+ Stored Cross-Site Scripting |
| CVE-2022-1294 | 2022-05-30 | IMDB info box <= 2.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1299 | 2022-05-30 | Slideshow <= 2.3.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1387 | 2022-05-30 | No Future Posts <= 1.4 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1395 | 2022-05-30 | Easy FAQ with Expanding Text <= 3.2.8.3.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1456 | 2022-05-30 | Poll Maker < 4.0.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1527 | 2022-05-30 | WP 2FA < 2.2.1 - Reflected Cross-Site Scripting |
| CVE-2022-1528 | 2022-05-30 | VikBooking < 1.5.9 - Reflected Cross-Site Scripting |
| CVE-2022-1542 | 2022-05-30 | HPB Dashboard <= 1.3.1 - Admin+ Stored Cross Site Scripting |
| CVE-2022-1556 | 2022-05-30 | StaffList < 3.1.5 - Admin+ SQLi |
| CVE-2022-1562 | 2022-05-30 | Enable SVG < 1.4.0 - Author+ Stored Cross Site Scripting via SVG |
| CVE-2022-1564 | 2022-05-30 | Form Maker By 10Web < 1.14.12 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1566 | 2022-05-30 | Quotes llama < 1.0.0 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1568 | 2022-05-30 | Team Members < 5.1.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1582 | 2022-05-30 | External Links in New Window / New Tab < 1.43 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2022-1583 | 2022-05-30 | External Links in New Window / New Tab < 1.43 - Tabnabbing |
| CVE-2022-1589 | 2022-05-30 | Change wp-admin Login < 1.1.0 - Unauthenticated Arbitrary Settings Update |
| CVE-2022-1611 | 2022-05-30 | Bulk Page Creator < 1.1.4 - Arbitrary Page Creation via CSRF |
| CVE-2022-1643 | 2022-05-30 | Birthdays Widget <= 1.7.18 - Admin+ Stored Cross Site Scripting |
| CVE-2022-1644 | 2022-05-30 | Call&Book Mobile Bar <= 1.2.2 - Admin+ Stored Cross Site Scripting |
| CVE-2022-1645 | 2022-05-30 | Amazon Link <= 3.2.10 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-1646 | 2022-05-30 | Simple Real Estate Pack <= 1.4.8 - Admin+ Stored Cross Site Scripting |
| CVE-2022-28799 | 2022-05-30 | The TikTok application before 23.7.3 for Android allows account takeover.... |
| CVE-2020-28246 | 2022-05-31 | A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0.... |
| CVE-2022-1215 | 2022-05-31 | A format string vulnerability was found in libinput |
| CVE-2022-1462 | 2022-05-31 | An out-of-bounds read flaw was found in the Linux kernel’s... |
| CVE-2022-1942 | 2022-05-31 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-31001 | 2022-05-31 | Out-of-bounds Read in Sofia-SIP |
| CVE-2022-31002 | 2022-05-31 | Out-of-bounds Read in Sofia-SIP |
| CVE-2022-31003 | 2022-05-31 | Heap-based Buffer Overflow and Out-of-bounds Write in Sofia-SIP |
| CVE-2022-1931 | 2022-05-31 | Incorrect Synchronization in polonel/trudesk |
| CVE-2022-1934 | 2022-05-31 | Use After Free in mruby/mruby |
| CVE-2022-26491 | 2022-05-31 | An issue was discovered in Pidgin before 2.14.9. A remote... |
| CVE-2022-1926 | 2022-05-31 | Integer Overflow or Wraparound in polonel/trudesk |
| CVE-2021-3555 | 2022-05-31 | A Buffer Overflow vulnerability in the RSTP server component of... |
| CVE-2022-31500 | 2022-05-31 | In KNIME Analytics Platform below 4.6.0, the Windows installer sets... |
| CVE-2022-30034 | 2022-05-31 | Flower, a web UI for the Celery Python RPC framework,... |
| CVE-2022-29711 | 2022-05-31 | LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-29712 | 2022-05-31 | LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities... |
| CVE-2022-30973 | 2022-05-31 | Missing fix for CVE-2022-30126 in 1.28.2 |
| CVE-2022-29725 | 2022-05-31 | An arbitrary file upload in the image upload component of... |
| CVE-2022-23082 | 2022-05-31 | CureKit - Path Traversal in isFileOutsideDir |
| CVE-2022-31338 | 2022-05-31 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via... |
| CVE-2022-31337 | 2022-05-31 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via... |
| CVE-2022-31336 | 2022-05-31 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via... |
| CVE-2022-31335 | 2022-05-31 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via... |
| CVE-2022-30794 | 2022-05-31 | Online Ordering System v1.0 by oretnom23 is vulnerable to SQL... |
| CVE-2022-30795 | 2022-05-31 | Online Ordering System v1.0 by oretnom23 is vulnerable to SQL... |
| CVE-2022-30797 | 2022-05-31 | Online Ordering System 1.0 by oretnom23 is vulnerable to SQL... |
| CVE-2022-30798 | 2022-05-31 | Online Ordering System v1.0 by oretnom23 is vulnerable to SQL... |
| CVE-2022-30799 | 2022-05-31 | Online Ordering System v1.0 by oretnom23 has SQL injection via... |
| CVE-2022-31327 | 2022-05-31 | Online Ordering System By janobe 2.3.2 is vulneranle to SQL... |
| CVE-2022-31328 | 2022-05-31 | Online Ordering System By janobe 2.3.2 has SQL Injection via... |
| CVE-2022-31329 | 2022-05-31 | Online Ordering System By janobe 2.3.2 is vulnerable to SQL... |
| CVE-2022-22361 | 2022-05-31 | IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through... |
| CVE-2022-30816 | 2022-05-31 | elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php. |
| CVE-2022-30815 | 2022-05-31 | elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar= |
| CVE-2022-29220 | 2022-05-31 | No verification of commits origin in github-action-merge-dependabot |
| CVE-2022-29243 | 2022-05-31 | Improper input-size validation on the user new session name in Nextcloud Server |
| CVE-2022-30814 | 2022-05-31 | elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php. |
| CVE-2022-30813 | 2022-05-31 | elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php. |
| CVE-2022-30810 | 2022-05-31 | elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php. |
| CVE-2022-30809 | 2022-05-31 | elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=. |
| CVE-2022-30808 | 2022-05-31 | elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php. |
| CVE-2022-30804 | 2022-05-31 | elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=. |
| CVE-2021-42195 | 2022-05-31 | An issue was discovered in swftools through 20201222. A heap-buffer-overflow... |
| CVE-2022-30817 | 2022-05-31 | Simple Bus Ticket Booking System 1.0 is vulnerable to SQL... |
| CVE-2022-29245 | 2022-05-31 | Weak private key generation in SSH.NET |
| CVE-2021-42196 | 2022-05-31 | An issue was discovered in swftools through 20201222. A NULL... |
| CVE-2022-29258 | 2022-05-31 | Cross-site Scripting in Filter Stream Converter Application in XWiki Platform |
| CVE-2021-42197 | 2022-05-31 | An issue was discovered in swftools through 20201222 through a... |
| CVE-2022-30836 | 2022-05-31 | Wedding Management System v1.0 is vulnerable to SQL Injection. via... |
| CVE-2022-30835 | 2022-05-31 | Wedding Management System v1.0 is vulnerable to SQL Injection. via... |
| CVE-2022-30834 | 2022-05-31 | Wedding Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2022-30818 | 2022-05-31 | Wedding Management System v1.0 is vulnerable to SQL injection via... |
| CVE-2022-30833 | 2022-05-31 | Wedding Management System v1.0 is vulnerable to SQL Injection via... |
| CVE-2021-42198 | 2022-05-31 | An issue was discovered in swftools through 20201222. A NULL... |