CVE List - 2022 / August
Showing 1001 - 1100 of 2306 CVEs for August 2022 (Page 11 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-2624 | 2022-08-12 | Heap buffer overflow in PDF in Google Chrome prior to... |
| CVE-2022-2800 | 2022-08-12 | SourceCodester Gym Management System clickjacking |
| CVE-2022-2801 | 2022-08-12 | SourceCodester Automated Beer Parlour Billing System Login sql injection |
| CVE-2022-2802 | 2022-08-12 | SourceCodester Gas Agency Management System login.php sql injection |
| CVE-2022-2803 | 2022-08-12 | SourceCodester Zoo Management System animals.php sql injection |
| CVE-2022-2804 | 2022-08-12 | SourceCodester Zoo Management System apply_vacancy.php unrestricted upload |
| CVE-2022-35953 | 2022-08-12 | URL Redirection to Untrusted Site ('Open Redirect') in bookwyrm |
| CVE-2022-35956 | 2022-08-12 | update_by_case before 0.1.3 vulnerable to sql injection |
| CVE-2022-35943 | 2022-08-12 | SameSite may allow cross-site request forgery (CSRF) protection to be bypassed |
| CVE-2022-35942 | 2022-08-12 | loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter |
| CVE-2022-35948 | 2022-08-13 | CRLF Injection in Nodejs ‘undici’ via Content-Type |
| CVE-2022-37400 | 2022-08-13 | Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password |
| CVE-2022-37401 | 2022-08-13 | Apache OpenOffice Weak Master Keys |
| CVE-2022-35954 | 2022-08-13 | Delimiter injection vulnerability in @actions/core exportVariable |
| CVE-2022-35961 | 2022-08-14 | ECDSA signature malleability in OpenZeppelin Contracts |
| CVE-2022-36006 | 2022-08-14 | Authenticated remote code execution due to insecure deserialization (GHSL-2022-063) |
| CVE-2022-36007 | 2022-08-14 | Partial Path Traversal in com.github.jlangch:venice |
| CVE-2022-2811 | 2022-08-14 | SourceCodester Guest Management System myform.php cross site scripting |
| CVE-2022-2812 | 2022-08-14 | SourceCodester Guest Management System index.php sql injection |
| CVE-2022-2813 | 2022-08-14 | SourceCodester Guest Management System cleartext storage |
| CVE-2020-21365 | 2022-08-15 | Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers... |
| CVE-2022-2816 | 2022-08-15 | Out-of-bounds Read in vim/vim |
| CVE-2022-2817 | 2022-08-15 | Use After Free in vim/vim |
| CVE-2022-2819 | 2022-08-15 | Heap-based Buffer Overflow in vim/vim |
| CVE-2022-38223 | 2022-08-15 | There is an out-of-bounds write in checkType located in etc.c... |
| CVE-2022-38221 | 2022-08-15 | A buffer overflow in the FTcpListener thread in The Isle... |
| CVE-2022-38222 | 2022-08-15 | There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc... |
| CVE-2022-2814 | 2022-08-15 | SourceCodester Simple and Nice Shopping Cart Script login.php cross site scripting |
| CVE-2022-2116 | 2022-08-15 | Elementor Contact Form DB < 1.8.0 - Reflected Cross-Site Scripting |
| CVE-2022-2152 | 2022-08-15 | Duplicate Page and Post Plugin < 2.8 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-2180 | 2022-08-15 | GREYD.SUITE < 1.2.7 - Unauthenticated File Upload to RCE |
| CVE-2022-2314 | 2022-08-15 | VR Calendar < 2.3.2 - Unauthenticated Arbitrary Function Call |
| CVE-2022-2354 | 2022-08-15 | WP-DBManager < 2.80.8 - Admin+ Remote Command Execution |
| CVE-2022-2378 | 2022-08-15 | Easy Student Results <= 2.2.8 - Reflected Cross-Site Scripting |
| CVE-2022-2379 | 2022-08-15 | Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API |
| CVE-2022-2381 | 2022-08-15 | E Unlocked - Student Result <= 1.0.4 - Arbitrary File Upload via CSRF |
| CVE-2022-2384 | 2022-08-15 | Digital Publications by Supsystic < 1.7.4 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-2535 | 2022-08-15 | SearchWP Live Ajax Search < 1.6.2 - Unauthenticated Arbitrary Post Title Disclosure |
| CVE-2022-2818 | 2022-08-15 | Improper Removal of Sensitive Information Before Storage or Transfer in cockpit-hq/cockpit |
| CVE-2022-2822 | 2022-08-15 | Authentication Bypass by Primary Weakness in octoprint/octoprint |
| CVE-2022-2821 | 2022-08-15 | Missing Critical Step in Authentication in namelessmc/nameless |
| CVE-2022-2820 | 2022-08-15 | Session Fixation in namelessmc/nameless |
| CVE-2022-36262 | 2022-08-15 | An issue was discovered in taocms 3.0.2. in the website... |
| CVE-2022-33993 | 2022-08-15 | Misinterpretation of special domain name characters in DNRD (aka Domain... |
| CVE-2022-33992 | 2022-08-15 | DNRD (aka Domain Name Relay Daemon) 2.20.3 forwards and caches... |
| CVE-2022-34294 | 2022-08-15 | totd 1.5.3 uses a fixed UDP source port in upstream... |
| CVE-2022-33988 | 2022-08-15 | dproxy-nexgen (aka dproxy nexgen) re-uses the DNS transaction id (TXID)... |
| CVE-2022-33989 | 2022-08-15 | dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port... |
| CVE-2022-33990 | 2022-08-15 | Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy... |
| CVE-2022-33991 | 2022-08-15 | dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with... |
| CVE-2022-2824 | 2022-08-15 | Authorization Bypass Through User-Controlled Key in openemr/openemr |
| CVE-2022-35623 | 2022-08-15 | In Nordic nRF5 SDK for Mesh 5.0, a heap overflow... |
| CVE-2022-35624 | 2022-08-15 | In Nordic nRF5 SDK for Mesh 5.0, a heap overflow... |
| CVE-2022-36523 | 2022-08-15 | D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection... |
| CVE-2022-36524 | 2022-08-15 | D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static Default... |
| CVE-2022-36525 | 2022-08-15 | D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Buffer Overflow... |
| CVE-2022-36526 | 2022-08-15 | D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass... |
| CVE-2022-36010 | 2022-08-15 | Arbitrary code execution via function parsing in react-editable-json-tree |
| CVE-2022-24654 | 2022-08-15 | Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address"... |
| CVE-2022-35978 | 2022-08-15 | Lua sandbox escape from mod in Minetest |
| CVE-2020-21641 | 2022-08-15 | Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics... |
| CVE-2020-21642 | 2022-08-15 | Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho... |
| CVE-2020-23622 | 2022-08-15 | An issue in the UPnP protocol in 4thline cling 2.0.0... |
| CVE-2022-34711 | 2022-08-15 | Windows Defender Credential Guard Elevation of Privilege Vulnerability |
| CVE-2022-35822 | 2022-08-15 | Windows Defender Credential Guard Security Feature Bypass Vulnerability |
| CVE-2022-38186 | 2022-08-15 | There is a reflected XSS vulnerability in Esri Portal for... |
| CVE-2022-38190 | 2022-08-15 | Stored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps |
| CVE-2022-38188 | 2022-08-15 | There is a reflected XSS vulnerability in Esri Portal for... |
| CVE-2022-38368 | 2022-08-15 | An issue was discovered in Aviatrix Gateway before 6.6.5712 and... |
| CVE-2022-38187 | 2022-08-15 | Prevent access to sharing/rest/content/features/analyze to unauthorized users |
| CVE-2022-38191 | 2022-08-15 | HTML injection vulnerability in Portal for ArcGIS |
| CVE-2022-38358 | 2022-08-15 | Improper neutralization of input during web page generation leaves the... |
| CVE-2022-38359 | 2022-08-15 | Cross-site request forgery attacks can be carried out against the... |
| CVE-2022-38357 | 2022-08-15 | Improper neutralization of special elements leaves the Eyes of Network... |
| CVE-2022-28756 | 2022-08-15 | Local Privilege Escalation in Auto Updater for Zoom Client for Meetings for macOS |
| CVE-2020-10710 | 2022-08-16 | A flaw was found where the Plaintext Candlepin password is... |
| CVE-2020-14321 | 2022-08-16 | In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of... |
| CVE-2020-14322 | 2022-08-16 | In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed... |
| CVE-2022-24950 | 2022-08-16 | A race condition exists in Eternal Terminal prior to version... |
| CVE-2022-24951 | 2022-08-16 | A race condition exists in Eternal Terminal prior to version... |
| CVE-2022-24952 | 2022-08-16 | Several denial of service vulnerabilities exist in Eternal Terminal prior... |
| CVE-2022-2846 | 2022-08-16 | Calendar Event Multi View < 1.4.07 - Unauthenticated Arbitrary Event Creation to Stored XSS |
| CVE-2022-24949 | 2022-08-16 | A privilege escalation to root exists in Eternal Terminal prior... |
| CVE-2022-36306 | 2022-08-16 | An authenticated attacker can enumerate and download sensitive files, including... |
| CVE-2022-36307 | 2022-08-16 | The AirVelocity 1500 prints SNMP credentials on its physically accessible... |
| CVE-2022-36308 | 2022-08-16 | Airspan AirVelocity 1500 web management UI displays SNMP credentials in... |
| CVE-2022-36309 | 2022-08-16 | Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have a... |
| CVE-2022-36310 | 2022-08-16 | Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB... |
| CVE-2022-36311 | 2022-08-16 | Airspan AirVelocity 1500 prior to software version 15.18.00.2511 is vulnerable... |
| CVE-2022-36312 | 2022-08-16 | Airspan AirVelocity 1500 software version 15.18.00.2511 lacks CSRF protections in... |
| CVE-2022-38216 | 2022-08-16 | An integer overflow exists in Mapbox's closed source gl-native library... |
| CVE-2022-33939 | 2022-08-16 | CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345,... |
| CVE-2022-34156 | 2022-08-16 | 'Hulu / フールー' App for iOS versions prior to 3.0.81... |
| CVE-2022-35239 | 2022-08-16 | The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23... |
| CVE-2022-35734 | 2022-08-16 | 'Hulu / フールー' App for Android from version 3.0.47 to... |
| CVE-2022-36293 | 2022-08-16 | Buffer overflow vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All... |
| CVE-2022-36344 | 2022-08-16 | An unquoted search path vulnerability exists in 'JustSystems JUST Online... |
| CVE-2022-36381 | 2022-08-16 | OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001... |
| CVE-2022-2838 | 2022-08-16 | In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser... |
| CVE-2022-29959 | 2022-08-16 | Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an... |