CVE List - 2022 / June
Showing 1501 - 1600 of 2149 CVEs for June 2022 (Page 16 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-34008 | 2022-06-21 | Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege... |
| CVE-2022-32973 | 2022-06-21 | An authenticated attacker could create an audit file that bypasses... |
| CVE-2022-32974 | 2022-06-21 | An authenticated attacker could read arbitrary files from the underlying... |
| CVE-2022-27869 | 2022-06-21 | A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can... |
| CVE-2022-27871 | 2022-06-21 | Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases... |
| CVE-2022-27867 | 2022-06-21 | A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021,... |
| CVE-2022-27868 | 2022-06-21 | A maliciously crafted CAT file in Autodesk AutoCAD 2023 can... |
| CVE-2022-27870 | 2022-06-21 | A maliciously crafted TGA file in Autodesk AutoCAD 2023 may... |
| CVE-2022-27872 | 2022-06-21 | A maliciously crafted PDF file may be used to dereference... |
| CVE-2022-22979 | 2022-06-21 | In Spring Cloud Function versions prior to 3.2.6, it is... |
| CVE-2022-23171 | 2022-06-21 | AtlasVPN - Privilege Escalation |
| CVE-2022-1665 | 2022-06-21 | A set of pre-production kernel packages of Red Hat Enterprise... |
| CVE-2022-1833 | 2022-06-21 | A flaw was found in AMQ Broker Operator 7.9.4 installed... |
| CVE-2022-1596 | 2022-06-21 | ABB Relion REX640 Insufficient file access control |
| CVE-2022-26147 | 2022-06-21 | The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection. |
| CVE-2022-30874 | 2022-06-21 | There is a Cross Site Scripting Stored (XSS) vulnerability in... |
| CVE-2022-33995 | 2022-06-21 | A path traversal issue in entry attachments in Devolutions Remote... |
| CVE-2022-2068 | 2022-06-21 | The c_rehash script allows command injection |
| CVE-2021-39006 | 2022-06-21 | IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an... |
| CVE-2021-36761 | 2022-06-21 | The GeoAnalytics feature in Qlik Sense April 2020 patch 4... |
| CVE-2021-40511 | 2022-06-21 | OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion... |
| CVE-2021-40510 | 2022-06-21 | XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows... |
| CVE-2022-31095 | 2022-06-21 | Exposure of Sensitive Information in discourse-chat |
| CVE-2022-34176 | 2022-06-22 | Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions... |
| CVE-2022-34177 | 2022-06-22 | Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files... |
| CVE-2022-34300 | 2022-06-22 | In tinyexr 1.0.1, there is a heap-based buffer over-read in... |
| CVE-2022-22967 | 2022-06-22 | An issue was discovered in SaltStack Salt in versions before... |
| CVE-2017-20082 | 2022-06-22 | JUNG Smart Visu Server backdoor |
| CVE-2017-20083 | 2022-06-22 | JUNG Smart Visu Server SSH Server backdoor |
| CVE-2017-20084 | 2022-06-22 | JUNG Smart Visu Server KNX Group Address backdoor |
| CVE-2022-23057 | 2022-06-22 | ERPNext - Stored XSS in My Profile |
| CVE-2022-23056 | 2022-06-22 | ERPNext - Stored XSS leads to account takover |
| CVE-2022-23058 | 2022-06-22 | ERPNext - Stored XSS in My Settings |
| CVE-2022-23055 | 2022-06-22 | ERPNext - Improper user access conrol |
| CVE-2022-21952 | 2022-06-22 | SUMA unauthenticated remote DoS via resource exhaustion |
| CVE-2022-31248 | 2022-06-22 | SUMA user enumeration via weak error message |
| CVE-2022-23077 | 2022-06-22 | Habitica - DOM XSS in login page |
| CVE-2022-23078 | 2022-06-22 | Habitica - Open redirect in login page |
| CVE-2022-2174 | 2022-06-22 | Cross-site Scripting (XSS) - Reflected in microweber/microweber |
| CVE-2022-34296 | 2022-06-22 | In Zalando Skipper before 0.13.218, a query predicate could be... |
| CVE-2022-23079 | 2022-06-22 | motoradmin - host header Injection in the reset password functionality |
| CVE-2022-33105 | 2022-06-22 | Redis v7.0 was discovered to contain a memory leak via... |
| CVE-2022-29526 | 2022-06-22 | Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege... |
| CVE-2022-34298 | 2022-06-22 | The NT auth module in OpenAM before 14.6.6 allows a... |
| CVE-2022-33067 | 2022-06-22 | Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts... |
| CVE-2022-33068 | 2022-06-22 | An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0... |
| CVE-2022-33069 | 2022-06-22 | Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment() at... |
| CVE-2022-33070 | 2022-06-22 | Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift... |
| CVE-2022-33024 | 2022-06-22 | There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL,... |
| CVE-2022-33026 | 2022-06-22 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow... |
| CVE-2022-33027 | 2022-06-22 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the... |
| CVE-2022-33028 | 2022-06-22 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow... |
| CVE-2022-33025 | 2022-06-22 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the... |
| CVE-2022-33032 | 2022-06-22 | LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the... |
| CVE-2022-33033 | 2022-06-22 | LibreDWG v0.12.4.4608 was discovered to contain a double-free via the... |
| CVE-2022-33034 | 2022-06-22 | LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via... |
| CVE-2022-31395 | 2022-06-22 | Algo Communication Products Ltd. 8373 IP Zone Paging Adapter Firmware... |
| CVE-2022-20651 | 2022-06-22 | Cisco Adaptive Security Device Manager Information Disclosure Vulnerability |
| CVE-2022-32535 | 2022-06-22 | Web server runs as root |
| CVE-2022-32534 | 2022-06-22 | OS Command Injection |
| CVE-2022-32536 | 2022-06-22 | Privilege Escalation |
| CVE-2021-26636 | 2022-06-22 | Maxboard Remote Code Execution |
| CVE-2021-26637 | 2022-06-22 | SiHAS Improper Authentication vulnerability |
| CVE-2021-26638 | 2022-06-22 | Xi Smarthome wallpad authentication bypass vulnerability |
| CVE-2022-22980 | 2022-06-22 | A Spring Data MongoDB application is vulnerable to SpEL Injection... |
| CVE-2022-32553 | 2022-06-22 | Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0... |
| CVE-2022-32552 | 2022-06-22 | Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0... |
| CVE-2022-32549 | 2022-06-22 | log injection in Sling logging |
| CVE-2022-32554 | 2022-06-22 | Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0... |
| CVE-2022-34299 | 2022-06-22 | There is a heap-based buffer over-read in libdwarf 0.4.0. This... |
| CVE-2022-31787 | 2022-06-22 | IdeaTMS 2022 is vulnerable to SQL Injection via the PATH_INFO |
| CVE-2022-34170 | 2022-06-22 | In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1... |
| CVE-2022-34171 | 2022-06-22 | In Jenkins 2.321 through 2.355 (both inclusive) and LTS 2.332.1... |
| CVE-2022-34172 | 2022-06-22 | In Jenkins 2.340 through 2.355 (both inclusive) symbol-based icons unescape... |
| CVE-2022-34173 | 2022-06-22 | In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of... |
| CVE-2022-34174 | 2022-06-22 | In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an... |
| CVE-2022-34175 | 2022-06-22 | Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some... |
| CVE-2022-34178 | 2022-06-22 | Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a 'link'... |
| CVE-2022-34179 | 2022-06-22 | Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specifying... |
| CVE-2022-34180 | 2022-06-22 | Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not... |
| CVE-2022-34181 | 2022-06-22 | Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message... |
| CVE-2022-34182 | 2022-06-22 | Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does... |
| CVE-2022-34183 | 2022-06-22 | Jenkins Agent Server Parameter Plugin 1.1 and earlier does not... |
| CVE-2022-34184 | 2022-06-22 | Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does... |
| CVE-2022-34185 | 2022-06-22 | Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape... |
| CVE-2022-34186 | 2022-06-22 | Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does... |
| CVE-2022-34187 | 2022-06-22 | Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not... |
| CVE-2022-34188 | 2022-06-22 | Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape... |
| CVE-2022-34189 | 2022-06-22 | Jenkins Image Tag Parameter Plugin 1.10 and earlier does not... |
| CVE-2022-34190 | 2022-06-22 | Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1... |
| CVE-2022-34191 | 2022-06-22 | Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and earlier does... |
| CVE-2022-34192 | 2022-06-22 | Jenkins ontrack Jenkins Plugin 4.0.0 and earlier does not escape... |
| CVE-2022-34193 | 2022-06-22 | Jenkins Package Version Plugin 1.0.1 and earlier does not escape... |
| CVE-2022-34194 | 2022-06-22 | Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape... |
| CVE-2022-34195 | 2022-06-22 | Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape... |
| CVE-2022-34196 | 2022-06-22 | Jenkins REST List Parameter Plugin 1.5.2 and earlier does not... |
| CVE-2022-34197 | 2022-06-22 | Jenkins Sauce OnDemand Plugin 1.204 and earlier does not escape... |
| CVE-2022-34198 | 2022-06-22 | Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not... |
| CVE-2022-34199 | 2022-06-22 | Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier stores passwords... |
| CVE-2022-34200 | 2022-06-22 | A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile... |