CVE List - 2022 / May
Showing 401 - 500 of 2161 CVEs for May 2022 (Page 5 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-25268 | 2022-05-05 | Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from... |
| CVE-2022-27411 | 2022-05-05 | TOTOLINK N600R v5.3c.5507_B20171031 was discovered to contain a command injection... |
| CVE-2022-27360 | 2022-05-05 | SpringBlade v3.2.0 and below was discovered to contain a SQL... |
| CVE-2022-27359 | 2022-05-05 | Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1... |
| CVE-2022-27337 | 2022-05-05 | A logic error in the Hints::Hints function of Poppler v22.03.0... |
| CVE-2022-29176 | 2022-05-05 | Unauthorized gem takeover for some gems on rubygems.org |
| CVE-2022-29535 | 2022-05-05 | Zoho ManageEngine OPManager through 125588 allows SQL Injection via a... |
| CVE-2022-29173 | 2022-05-05 | No protection against rollback attacks in go-tuf |
| CVE-2022-29172 | 2022-05-05 | HTML injection with additional signup fields |
| CVE-2022-29167 | 2022-05-05 | ReDoS vulnerability in header parsing in hawk |
| CVE-2022-29166 | 2022-05-05 | Improper handling of multiline messages in matrix-appservice-irc |
| CVE-2022-29164 | 2022-05-05 | Privilege Escalation in argo-workflows |
| CVE-2022-29171 | 2022-05-05 | Remote Code Execution in sourcegraph |
| CVE-2022-24902 | 2022-05-05 | Memory issue in playing videos |
| CVE-2022-29161 | 2022-05-05 | Crypto script service uses hashing algorithm SHA1 with RSA for certificate signature in xwiki-platform |
| CVE-2022-24899 | 2022-05-05 | Cross site scripting via canonical tag |
| CVE-2022-24884 | 2022-05-05 | Trivial signature forgery in ecdsautils |
| CVE-2022-28005 | 2022-05-06 | An issue was discovered in the 3CX Phone System Management... |
| CVE-2022-24817 | 2022-05-06 | Improper kubeconfig validation allows arbitrary code execution |
| CVE-2021-25745 | 2022-05-06 | Ingress-nginx path can be pointed to service account token file |
| CVE-2021-25746 | 2022-05-06 | Ingress-nginx directive injection via annotations |
| CVE-2022-24877 | 2022-05-06 | Improper path handling in kustomization files allows path traversal |
| CVE-2022-24878 | 2022-05-06 | Improper path handling in Kustomization files allows for denial of service |
| CVE-2022-30293 | 2022-05-06 | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a... |
| CVE-2022-30295 | 2022-05-06 | uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS... |
| CVE-2022-24823 | 2022-05-06 | Local Information Disclosure Vulnerability in io.netty:netty-codec-http |
| CVE-2022-28969 | 2022-05-06 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow... |
| CVE-2022-28970 | 2022-05-06 | Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow... |
| CVE-2022-28971 | 2022-05-06 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow... |
| CVE-2022-28972 | 2022-05-06 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow... |
| CVE-2022-28973 | 2022-05-06 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow... |
| CVE-2020-19212 | 2022-05-06 | SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the... |
| CVE-2020-19213 | 2022-05-06 | SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the... |
| CVE-2020-19215 | 2022-05-06 | SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the... |
| CVE-2020-19216 | 2022-05-06 | SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the... |
| CVE-2020-19217 | 2022-05-06 | SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the... |
| CVE-2021-39023 | 2022-05-06 | IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow... |
| CVE-2021-39027 | 2022-05-06 | IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a... |
| CVE-2022-21934 | 2022-05-06 | Metasys Unverified Password Change |
| CVE-2022-28164 | 2022-05-06 | Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric... |
| CVE-2022-28163 | 2022-05-06 | In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated... |
| CVE-2022-28165 | 2022-05-06 | A vulnerability in the role-based access control (RBAC) functionality of... |
| CVE-2022-28545 | 2022-05-06 | FUDforum 3.1.1 is vulnerable to Stored XSS. |
| CVE-2021-26253 | 2022-05-06 | Bypass of Splunk Enterprise's implementation of DUO MFA |
| CVE-2021-31559 | 2022-05-06 | S2S TcpToken authentication bypass |
| CVE-2021-33845 | 2022-05-06 | Username enumeration through lockout message in REST API |
| CVE-2021-42743 | 2022-05-06 | Local privilege escalation via a default path in Splunk Enterprise Windows |
| CVE-2022-26070 | 2022-05-06 | Error message discloses internal path |
| CVE-2022-26889 | 2022-05-06 | Path Traversal in search parameter results in external content injection |
| CVE-2022-27183 | 2022-05-06 | Reflected XSS in a query parameter of the Monitoring Console |
| CVE-2022-28507 | 2022-05-06 | Dragon Path Technologies Bharti Airtel Routers Hardware BDT-121 version 1.0... |
| CVE-2022-1053 | 2022-05-06 | Keylime does not enforce that the agent registrar data is... |
| CVE-2021-36912 | 2022-05-06 | Andrea Pernici News Sitemap for Google plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29420 | 2022-05-06 | WordPress Countdown & Clock plugin <= 2.3.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29421 | 2022-05-06 | WordPress Countdown & Clock plugin <= 2.3.2 - Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-23205 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-24098 | 2022-05-06 | Adobe Photoshop PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| CVE-2022-24099 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-24105 | 2022-05-06 | Adobe Photoshop U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28270 | 2022-05-06 | Adobe Photoshop SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28271 | 2022-05-06 | Adobe Photoshop PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-28272 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28273 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28274 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2022-28275 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28276 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28277 | 2022-05-06 | Adobe Photoshop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28278 | 2022-05-06 | Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-28279 | 2022-05-06 | Adobe Photoshop Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-27783 | 2022-05-06 | Adobe After Effects Stack Buffer Overflow Could Lead To RCE |
| CVE-2022-27784 | 2022-05-06 | Adobe After Effects Stack Buffer Overflow Could Lead To RCE |
| CVE-2019-12254 | 2022-05-06 | TECSON/GOK: Improper Authentication and Access Control on multiple devices |
| CVE-2022-29422 | 2022-05-06 | WordPress Countdown & Clock plugin <= 2.3.2 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-29423 | 2022-05-06 | WordPress Countdown & Clock plugin <= 2.3.2 - Pro Features Lock Bypass vulnerability |
| CVE-2022-23802 | 2022-05-06 | Extension - Insecure Permissions within Joomla Guru extensions |
| CVE-2022-27909 | 2022-05-06 | Extension - Incorrect Access Control within jdownloads extension |
| CVE-2021-27751 | 2022-05-06 | HCL Commerce is affected by an Insufficient Session Expiration vulnerability. |
| CVE-2021-27758 | 2022-05-06 | There is a security vulnerability in login form related to... |
| CVE-2021-27759 | 2022-05-06 | This vulnerability arises because the application allows the user to... |
| CVE-2021-27760 | 2022-05-06 | HCL Notes 11.0 - 11.0.1 FP4 Sametime Embedded chat clients are vulnerable to group chats loading script on restart |
| CVE-2021-27761 | 2022-05-06 | HCL BigFix Platform is affected by weak web transport security |
| CVE-2021-27762 | 2022-05-06 | HCL BigFix Platform is affected by misconfigured security-related HTTP headers |
| CVE-2021-27764 | 2022-05-06 | HCL BigFix WebUI Cookie missing attributes |
| CVE-2021-27765 | 2022-05-06 | HCL BigFix Platform Server API is affected by Privilege Escalation Vulnerability |
| CVE-2021-27766 | 2022-05-06 | HCL BigFix Platform Client is affected by a Privilege Escalation Vulnerability |
| CVE-2021-27767 | 2022-05-06 | HCL BigFix Platform Console is affected by a Privilege Escalation Vulnerability |
| CVE-2022-25324 | 2022-05-06 | Denial of Service (DoS) |
| CVE-2021-23792 | 2022-05-06 | XML External Entity (XXE) Injection |
| CVE-2021-23592 | 2022-05-06 | Deserialization of Untrusted Data |
| CVE-2022-1616 | 2022-05-07 | Use after free in append_command in vim/vim |
| CVE-2022-30330 | 2022-05-07 | In the KeepKey firmware before 7.3.2,Flaws in the supervisor interface... |
| CVE-2022-29180 | 2022-05-07 | Charm vulnerable to server-side request forgery (SSRF) |
| CVE-2022-30334 | 2022-05-07 | Brave before 1.34, when a Private Window with Tor Connectivity... |
| CVE-2022-1619 | 2022-05-08 | Heap-based Buffer Overflow in function cmdline_erase_chars in vim/vim |
| CVE-2022-1620 | 2022-05-08 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in vim/vim |
| CVE-2022-28463 | 2022-05-08 | ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. |
| CVE-2018-25033 | 2022-05-08 | ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1... |
| CVE-2022-28470 | 2022-05-08 | marcador package in PyPI 0.1 through 0.13 included a code-execution... |
| CVE-2022-1621 | 2022-05-09 | Heap buffer overflow in vim_strncpy find_word in vim/vim |
| CVE-2022-28738 | 2022-05-09 | A double free was found in the Regexp compiler in... |