CVE List - 2022 / August
Showing 701 - 800 of 2306 CVEs for August 2022 (Page 8 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-31778 | 2022-08-10 | Transfer-Encoding not treated as hop-by-hop |
| CVE-2022-31780 | 2022-08-10 | HTTP/2 framing vulnerabilities |
| CVE-2021-37150 | 2022-08-10 | Protocol vs scheme mismatch |
| CVE-2022-36801 | 2022-08-10 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the TeamManagement.jspa endpoint.... |
| CVE-2022-25973 | 2022-08-10 | Arbitrary Command Execution |
| CVE-2022-25763 | 2022-08-10 | Improper input validation on HTTP/2 headers |
| CVE-2022-31779 | 2022-08-10 | Improper HTTP/2 scheme and method validation |
| CVE-2022-20841 | 2022-08-10 | Cisco Small Business RV Series Routers Vulnerabilities |
| CVE-2022-20842 | 2022-08-10 | Cisco Small Business RV Series Routers Vulnerabilities |
| CVE-2022-20852 | 2022-08-10 | Cisco Webex Meetings Web Interface Vulnerabilities |
| CVE-2022-20869 | 2022-08-10 | Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability |
| CVE-2022-20914 | 2022-08-10 | Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability |
| CVE-2022-20816 | 2022-08-10 | Cisco Unified Communications Manager Arbitrary File Deletion Vulnerability |
| CVE-2022-20820 | 2022-08-10 | Cisco Webex Meetings Web Interface Vulnerabilities |
| CVE-2022-20827 | 2022-08-10 | Cisco Small Business RV Series Routers Vulnerabilities |
| CVE-2022-20792 | 2022-08-10 | A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow... |
| CVE-2022-2242 | 2022-08-10 | KUKA V/KSS WoV SH access control vulnerability |
| CVE-2021-46304 | 2022-08-10 | A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions), CP-8021 MASTER MODULE (All versions), CP-8022 MASTER MODULE... |
| CVE-2022-34659 | 2022-08-10 | A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, when... |
| CVE-2022-34660 | 2022-08-10 | A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9),... |
| CVE-2022-34661 | 2022-08-10 | A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9),... |
| CVE-2022-36323 | 2022-08-10 | Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. |
| CVE-2022-36324 | 2022-08-10 | Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial... |
| CVE-2022-36325 | 2022-08-10 | Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and... |
| CVE-2022-36923 | 2022-08-10 | Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain... |
| CVE-2022-2756 | 2022-08-10 | Server-Side Request Forgery (SSRF) in kareadita/kavita |
| CVE-2022-38133 | 2022-08-10 | In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases |
| CVE-2022-0028 | 2022-08-10 | PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering |
| CVE-2022-28881 | 2022-08-10 | Denial-of-Service (DoS) Vulnerability |
| CVE-2022-25793 | 2022-08-10 | A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack of proper validation of the length of user-supplied data... |
| CVE-2022-38129 | 2022-08-10 | A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host. |
| CVE-2022-38130 | 2022-08-10 | The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker... |
| CVE-2022-20713 | 2022-08-10 | A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to... |
| CVE-2022-20866 | 2022-08-10 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability |
| CVE-2022-36750 | 2022-08-10 | Clinic's Patient Management System v1.0 is vulnerable to SQL injection via /pms/update_user.php?id=. |
| CVE-2022-29090 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A low privileged malicious user could potentially exploit this vulnerability in order to obtain credentials. The attacker... |
| CVE-2022-33924 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create... |
| CVE-2022-33925 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order... |
| CVE-2022-33926 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository... |
| CVE-2022-33927 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A unauthenticated attacker could exploit this by taking advantage of a user with multiple active sessions in order... |
| CVE-2022-33928 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. An attacker with low privileges could potentially exploit this vulnerability, leading to the disclosure of... |
| CVE-2022-33929 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious... |
| CVE-2022-33930 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit this vulnerability, leading to the disclosure of certain sensitive information. The... |
| CVE-2022-33931 | 2022-08-10 | Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert Classification page could potentially exploit this vulnerability, leading... |
| CVE-2022-34365 | 2022-08-10 | WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem,... |
| CVE-2022-36270 | 2022-08-10 | Clinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php. |
| CVE-2022-22369 | 2022-08-10 | IBM Workload Scheduler 9.4 and 9.5 could allow a local user to overwrite key system files which would cause the system to crash. IBM X-Force ID: 221187. |
| CVE-2022-22411 | 2022-08-10 | IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM... |
| CVE-2022-22490 | 2022-08-10 | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342. |
| CVE-2022-35280 | 2022-08-10 | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM... |
| CVE-2022-35715 | 2022-08-10 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be... |
| CVE-2022-20338 | 2022-08-11 | In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing... |
| CVE-2022-20369 | 2022-08-11 | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2022-38150 | 2022-08-11 | In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a... |
| CVE-2022-38155 | 2022-08-11 | TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash. |
| CVE-2022-38161 | 2022-08-11 | The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for... |
| CVE-2022-2736 | 2022-08-11 | SourceCodester Company Website CMS Background Upload Logo Icon updatelogo.php unrestricted upload |
| CVE-2022-2740 | 2022-08-11 | SourceCodester Company Website CMS Add Blog add-blog.php unrestricted upload |
| CVE-2022-2744 | 2022-08-11 | SourceCodester Gym Management System Background Management add_exercises.php unrestricted upload |
| CVE-2022-2745 | 2022-08-11 | SourceCodester Gym Management System Add New Trainer add_trainers.php sql injection |
| CVE-2022-2746 | 2022-08-11 | SourceCodester Simple Online Book Store System Admin_ add.php unrestricted upload |
| CVE-2022-2747 | 2022-08-11 | SourceCodester Simple Online Book Store book.php sql injection |
| CVE-2022-2748 | 2022-08-11 | SourceCodester Simple Online Book Store System edit.php cross site scripting |
| CVE-2022-2749 | 2022-08-11 | SourceCodester Gym Management System unrestricted upload |
| CVE-2022-2750 | 2022-08-11 | SourceCodester Company Website CMS Add Service add-service.php unrestricted upload |
| CVE-2022-2751 | 2022-08-11 | SourceCodester Company Website CMS add-portfolio.php unrestricted upload |
| CVE-2022-2765 | 2022-08-11 | SourceCodester Company Website CMS settings improper authentication |
| CVE-2022-2766 | 2022-08-11 | SourceCodester Loan Management System index.php sql injection |
| CVE-2022-2767 | 2022-08-11 | SourceCodester Online Admission System index.php cross site scripting |
| CVE-2022-2777 | 2022-08-11 | Cross-site Scripting (XSS) - Stored in microweber/microweber |
| CVE-2022-2768 | 2022-08-11 | SourceCodester Library Management System cross site scripting |
| CVE-2022-2769 | 2022-08-11 | SourceCodester Company Website CMS contact cross site scripting |
| CVE-2022-2770 | 2022-08-11 | SourceCodester Simple Online Book Store System book.php sql injection |
| CVE-2022-2771 | 2022-08-11 | SourceCodester Simple Online Book Store System bookPerPub.php sql injection |
| CVE-2022-2772 | 2022-08-11 | SourceCodester Apartment Visitor Management System action-visitor.php sql injection |
| CVE-2022-2773 | 2022-08-11 | SourceCodester Apartment Visitor Management System profile.php cross site scripting |
| CVE-2022-2774 | 2022-08-11 | SourceCodester Library Management System student.php sql injection |
| CVE-2022-2776 | 2022-08-11 | SourceCodester Gym Management System delete_user.php denial of service |
| CVE-2022-35675 | 2022-08-11 | Adobe FrameMaker SVG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-35677 | 2022-08-11 | Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2022-35674 | 2022-08-11 | Adobe FrameMaker SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2022-35673 | 2022-08-11 | Adobe FrameMaker SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2022-34235 | 2022-08-11 | Adobe Premiere Elements Uncontrolled Search Path Element Privilege Escalation |
| CVE-2022-35670 | 2022-08-11 | Adobe Acrobat Reader Use-After-Free Memory leak |
| CVE-2022-35665 | 2022-08-11 | Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution |
| CVE-2022-35667 | 2022-08-11 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-35678 | 2022-08-11 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-35668 | 2022-08-11 | Adobe Acrobat Reader Improper Input Validation Memory leak |
| CVE-2022-35671 | 2022-08-11 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-35666 | 2022-08-11 | Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability |
| CVE-2022-34262 | 2022-08-11 | Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-34261 | 2022-08-11 | Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-34263 | 2022-08-11 | Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2022-34260 | 2022-08-11 | Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2022-34264 | 2022-08-11 | Adobe FrameMaker Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2022-35676 | 2022-08-11 | Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2022-28754 | 2022-08-11 | Zoom On-Premise Deployments: Improper Access Control Vulnerability |
| CVE-2022-28750 | 2022-08-11 | Zoom On-Premise Deployments: Stack Buffer Overflow in Meeting Connector |
| CVE-2022-28753 | 2022-08-11 | Zoom On-Premise Deployments: Improper Access Control Vulnerability |
| CVE-2022-28755 | 2022-08-11 | Improper URL parsing in Zoom Clients |