CVE List - 2022 / July
Showing 501 - 600 of 1977 CVEs for July 2022 (Page 6 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-34740 | 2022-07-11 | The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. |
| CVE-2022-34741 | 2022-07-11 | The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. |
| CVE-2022-34739 | 2022-07-11 | The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings. |
| CVE-2022-34742 | 2022-07-11 | The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
| CVE-2022-34737 | 2022-07-11 | The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality. |
| CVE-2022-34738 | 2022-07-11 | The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background. |
| CVE-2021-40012 | 2022-07-11 | Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality. |
| CVE-2021-40013 | 2022-07-11 | Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity. |
| CVE-2021-40016 | 2022-07-11 | Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality. |
| CVE-2021-39999 | 2022-07-11 | There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient... |
| CVE-2022-31138 | 2022-07-11 | OS Command Injection in mailcow |
| CVE-2022-2366 | 2022-07-11 | Incorrect defaults can cause attackers to bypass rate limitations |
| CVE-2021-36665 | 2022-07-11 | An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. |
| CVE-2021-36666 | 2022-07-11 | An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. |
| CVE-2021-36667 | 2022-07-11 | Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python... |
| CVE-2021-36668 | 2022-07-11 | URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App. |
| CVE-2020-4138 | 2022-07-11 | IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049. |
| CVE-2020-4150 | 2022-07-11 | IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of... |
| CVE-2022-31904 | 2022-07-11 | EGT-Kommunikationstechnik UG Mediacenter before v2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Online_Update.php. |
| CVE-2022-31139 | 2022-07-11 | No security checking for UnsafeAccess.getInstance() in UnsafeAccessor |
| CVE-2020-29505 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability. |
| CVE-2020-29506 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. |
| CVE-2020-29507 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. |
| CVE-2020-29508 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability. |
| CVE-2020-35163 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability. |
| CVE-2020-35164 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. |
| CVE-2020-35166 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. |
| CVE-2020-35167 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. |
| CVE-2020-35168 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. |
| CVE-2020-35169 | 2022-07-11 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability. |
| CVE-2022-31140 | 2022-07-11 | Valinor error messages leading to potential data exfiltration |
| CVE-2022-31073 | 2022-07-11 | KubeEdge Edge ServiceBus module DoS |
| CVE-2022-31074 | 2022-07-11 | KubeEdge Cloud AdmissionController component DoS |
| CVE-2022-31075 | 2022-07-11 | KubeEdge DoS when signing the CSR from EdgeCore |
| CVE-2022-31078 | 2022-07-11 | KubeEdge CloudCore Router memory exhaustion |
| CVE-2022-31079 | 2022-07-11 | KubeEdge Cloud Stream and Edge Stream DoS from large stream message |
| CVE-2022-31080 | 2022-07-11 | KubeEdge Websocket Client in package Viaduct: DoS from large response message |
| CVE-2022-29187 | 2022-07-12 | Bypass of safe.directory protections in Git |
| CVE-2022-29901 | 2022-07-12 | Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed) |
| CVE-2022-34821 | 2022-07-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), SCALANCE M804PB (6GK5804-0AP00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2), SCALANCE M816-1 ADSL-Router... |
| CVE-2022-35648 | 2022-07-12 | Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service (fall) by connecting... |
| CVE-2022-22682 | 2022-07-12 | Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Event Management in Synology Calendar before 2.4.5-10930 allows remote authenticated users to inject arbitrary web script or HTML... |
| CVE-2021-44221 | 2022-07-12 | A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing... |
| CVE-2021-44222 | 2022-07-12 | A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This... |
| CVE-2022-26647 | 2022-07-12 | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT... |
| CVE-2022-26648 | 2022-07-12 | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT... |
| CVE-2022-26649 | 2022-07-12 | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT... |
| CVE-2022-29560 | 2022-07-12 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500... |
| CVE-2022-29884 | 2022-07-12 | A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < CPC80 V16.30), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < CPC80 V16.30), CP-8021 MASTER... |
| CVE-2022-30938 | 2022-07-12 | A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions... |
| CVE-2022-31257 | 2022-07-12 | A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All... |
| CVE-2022-33137 | 2022-07-12 | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S... |
| CVE-2022-33138 | 2022-07-12 | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S... |
| CVE-2022-33736 | 2022-07-12 | A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during... |
| CVE-2022-34272 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34273 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially... |
| CVE-2022-34274 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially... |
| CVE-2022-34275 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially... |
| CVE-2022-34276 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially... |
| CVE-2022-34277 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34278 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34279 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34280 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34281 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34282 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34283 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34284 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially... |
| CVE-2022-34285 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34286 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially... |
| CVE-2022-34287 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to... |
| CVE-2022-34288 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when... |
| CVE-2022-34289 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially... |
| CVE-2022-34290 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to... |
| CVE-2022-34291 | 2022-07-12 | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to... |
| CVE-2022-34464 | 2022-07-12 | A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with... |
| CVE-2022-34465 | 2022-07-12 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions <... |
| CVE-2022-34466 | 2022-07-12 | A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 < V9.15), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.3). An expression injection... |
| CVE-2022-34467 | 2022-07-12 | A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected... |
| CVE-2022-34663 | 2022-07-12 | A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200,... |
| CVE-2022-34748 | 2022-07-12 | A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing... |
| CVE-2022-34819 | 2022-07-12 | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46),... |
| CVE-2022-34820 | 2022-07-12 | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46),... |
| CVE-2021-38289 | 2022-07-12 | An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and... |
| CVE-2022-2262 | 2022-07-12 | Online Hotel Booking System Room edit_all_room.php sql injection |
| CVE-2022-2263 | 2022-07-12 | Online Hotel Booking System Room edit_room_cat.php sql injection |
| CVE-2022-2291 | 2022-07-12 | SourceCodester Hotel Management System Search search cross site scripting |
| CVE-2022-2292 | 2022-07-12 | SourceCodester Hotel Management System Room Edit Page 1 cross site scripting |
| CVE-2022-2293 | 2022-07-12 | SourceCodester Simple Sales Management System create cross site scripting |
| CVE-2022-25303 | 2022-07-12 | Cross-site Scripting (XSS) |
| CVE-2022-25875 | 2022-07-12 | Cross-site Scripting (XSS) |
| CVE-2022-2385 | 2022-07-12 | AccessKeyID validation bypass |
| CVE-2022-29900 | 2022-07-12 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. |
| CVE-2022-2297 | 2022-07-12 | SourceCodester Clinics Patient Management System unrestricted upload |
| CVE-2022-2298 | 2022-07-12 | SourceCodester Clinics Patient Management System Login Page index.php sql injection |
| CVE-2022-2363 | 2022-07-12 | SourceCodester Simple Parking Management System cross site scripting |
| CVE-2022-2364 | 2022-07-12 | SourceCodester Simple Parking Management System category cross site scripting |
| CVE-2020-4157 | 2022-07-12 | IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components,... |
| CVE-2020-4159 | 2022-07-12 | IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339. |
| CVE-2021-39041 | 2022-07-12 | IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028. |
| CVE-2022-24800 | 2022-07-12 | Race Condition in October CMS upload process |