CVE List - 2022 / August
Showing 1601 - 1700 of 2306 CVEs for August 2022 (Page 17 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-35278 | 2022-08-23 | HTML Injection in ActiveMQ Artemis Web Console |
| CVE-2022-33916 | 2022-08-23 | OPC UA .NET Standard Reference Server 1.04.368 allows a remote... |
| CVE-2021-42232 | 2022-08-23 | TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command... |
| CVE-2019-25075 | 2022-08-23 | HTML injection combined with path traversal in the Email service... |
| CVE-2022-34919 | 2022-08-23 | The file upload wizard in Zengenti Contensis Classic before 15.2.1.79... |
| CVE-2020-35992 | 2022-08-23 | Fiserv Prologue through 2020-12-16 does not properly protect the database... |
| CVE-2022-35733 | 2022-08-23 | Missing authentication for critical function vulnerability in UNIMO Technology digital... |
| CVE-2022-2829 | 2022-08-23 | Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm |
| CVE-2022-25302 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-25304 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-25231 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-21208 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-24298 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-25761 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-25888 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-24381 | 2022-08-23 | Denial of Service (DoS) |
| CVE-2022-27637 | 2022-08-23 | Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3... |
| CVE-2022-34486 | 2022-08-23 | Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows... |
| CVE-2022-36350 | 2022-08-23 | Stored cross-site scripting vulnerability in PukiWiki versions 1.3.1 to 1.5.3... |
| CVE-2022-2796 | 2022-08-23 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2022-1989 | 2022-08-23 | CODESYS Visualization vulnerable to user enumeration |
| CVE-2022-2956 | 2022-08-23 | ConsoleTVs Noxen users.php cross site scripting |
| CVE-2021-42627 | 2022-08-23 | The WAN configuration page "wan.htm" on D-Link DIR-615 devices with... |
| CVE-2022-35203 | 2022-08-23 | An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated... |
| CVE-2022-36261 | 2022-08-23 | An arbitrary file deletion vulnerability was discovered in taocms 3.0.2,... |
| CVE-2022-37199 | 2022-08-23 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list. |
| CVE-2022-37223 | 2022-08-23 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list. |
| CVE-2022-37113 | 2022-08-23 | Bluecms 1.6 has SQL injection in line 132 of admin/area.php |
| CVE-2022-37112 | 2022-08-23 | BlueCMS 1.6 has SQL injection in line 55 of admin/model.php |
| CVE-2022-37111 | 2022-08-23 | BlueCMS 1.6 has SQL injection in line 132 of admin/article.php |
| CVE-2022-2965 | 2022-08-23 | Improper Restriction of Rendered UI Layers or Frames in notrinos/notrinoserp |
| CVE-2022-34648 | 2022-08-23 | WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-29476 | 2022-08-23 | WordPress Notification Bar for WordPress plugin <= 1.1.8 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-35242 | 2022-08-23 | WordPress THE Leads Management System: 59sec LITE plugin <= 3.4.1 - Unauthenticated plugin settings change vulnerability |
| CVE-2022-34868 | 2022-08-23 | WordPress ЮKassa для WooCommerce plugin <= 2.3.0 - Authenticated Arbitrary Settings Update vulnerability |
| CVE-2022-33142 | 2022-08-23 | WordPress Better Messages plugin <= 1.9.10.57 - Denial Of Service (DoS) vulnerability |
| CVE-2022-34658 | 2022-08-23 | WordPress Download Manager plugin <= 3.2.48 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-36282 | 2022-08-23 | WordPress Search Exclude plugin <= 1.2.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-35235 | 2022-08-23 | WordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Read vulnerability |
| CVE-2022-36288 | 2022-08-23 | WordPress Download Manager plugin <= 3.2.48 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| CVE-2022-36341 | 2022-08-23 | WordPress AS – Create Pinterest Pinboard Pages plugin <= 1.0 - Authenticated plugin settings change leading to Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-36394 | 2022-08-23 | WordPress Contest Gallery plugin <= 17.0.4 - Authenticated SQL Injection (SQLi) vulnerability |
| CVE-2022-36379 | 2022-08-23 | WordPress ЮKassa для WooCommerce plugin <= 2.3.0 - Cross-Site Request Forgery (CSRF) leading to plugin settings update |
| CVE-2022-35726 | 2022-08-23 | WordPress Video Gallery plugin <= 1.3.4.5 - Broken Authentication vulnerability |
| CVE-2022-36285 | 2022-08-23 | WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Arbitrary File Upload vulnerability |
| CVE-2022-36292 | 2022-08-23 | WordPress Gallery PhotoBlocks plugin <= 1.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities |
| CVE-2022-36347 | 2022-08-23 | WordPress Alpine PhotoTile for Pinterest plugin <= 1.3.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-36405 | 2022-08-23 | WordPress amCharts: Charts and Maps plugin <= 1.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-36389 | 2022-08-23 | WordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2021-3798 | 2022-08-23 | A flaw was found in openCryptoki. The openCryptoki Soft token... |
| CVE-2021-3670 | 2022-08-23 | MaxQueryDuration not honoured in Samba AD DC LDAP |
| CVE-2021-3690 | 2022-08-23 | A flaw was found in Undertow. A buffer leak on... |
| CVE-2021-3701 | 2022-08-23 | A flaw was found in ansible-runner where the default temporary... |
| CVE-2021-3702 | 2022-08-23 | A race condition flaw was found in ansible-runner, where an... |
| CVE-2021-3714 | 2022-08-23 | A flaw was found in the Linux kernels memory deduplication... |
| CVE-2021-3736 | 2022-08-23 | A flaw was found in the Linux kernel. A memory... |
| CVE-2021-3763 | 2022-08-23 | A flaw was found in the Red Hat AMQ Broker... |
| CVE-2021-3764 | 2022-08-23 | A memory leak flaw was found in the Linux kernel's... |
| CVE-2021-3839 | 2022-08-23 | A flaw was found in the vhost library in DPDK.... |
| CVE-2021-3827 | 2022-08-23 | A flaw was found in keycloak, where the default ECP... |
| CVE-2020-35509 | 2022-08-23 | A flaw was found in keycloak affecting versions 11.0.3 and... |
| CVE-2022-28882 | 2022-08-23 | Denial-of-Service (DoS) Vulnerability |
| CVE-2022-28883 | 2022-08-23 | Denial-of-Service (DoS) Vulnerability |
| CVE-2022-37428 | 2022-08-23 | PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1,... |
| CVE-2022-38663 | 2022-08-23 | Jenkins Git Plugin 4.11.4 and earlier does not properly mask... |
| CVE-2022-38664 | 2022-08-23 | Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597 and earlier does not... |
| CVE-2022-38665 | 2022-08-23 | Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ... |
| CVE-2022-1513 | 2022-08-23 | A potential vulnerability was reported in Lenovo PCManager prior to... |
| CVE-2022-35115 | 2022-08-23 | IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was... |
| CVE-2022-38172 | 2022-08-23 | ServiceNow through San Diego Patch 3 allows XSS via the... |
| CVE-2022-38463 | 2022-08-23 | ServiceNow through San Diego Patch 4b and Patch 6 allows... |
| CVE-2021-3917 | 2022-08-23 | A flaw was found in the coreos-installer, where it writes... |
| CVE-2022-38132 | 2022-08-23 | Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By specifying username and password, an attacker connected to the router's web interface can execute arbitrary OS commands. |
| CVE-2021-3998 | 2022-08-24 | A flaw was found in glibc. The realpath() function can... |
| CVE-2021-3999 | 2022-08-24 | A flaw was found in glibc. An off-by-one buffer overflow... |
| CVE-2021-4028 | 2022-08-24 | A flaw in the Linux kernel's implementation of RDMA communications... |
| CVE-2021-4037 | 2022-08-24 | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of... |
| CVE-2021-4189 | 2022-08-24 | A flaw was found in Python, specifically in the FTP... |
| CVE-2021-4204 | 2022-08-24 | An out-of-bounds (OOB) memory access flaw was found in the... |
| CVE-2021-4214 | 2022-08-24 | A heap overflow flaw was found in libpngs' pngimage.c program.... |
| CVE-2022-27812 | 2022-08-24 | Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17,... |
| CVE-2022-2978 | 2022-08-24 | A flaw use after free in the Linux kernel NILFS... |
| CVE-2022-32793 | 2022-08-24 | Multiple out-of-bounds write issues were addressed with improved bounds checking.... |
| CVE-2022-32893 | 2022-08-24 | An out-of-bounds write issue was addressed with improved bounds checking.... |
| CVE-2022-32894 | 2022-08-24 | An out-of-bounds write issue was addressed with improved bounds checking.... |
| CVE-2022-25903 | 2022-08-24 | Denial of Service (DoS) |
| CVE-2022-36945 | 2022-08-24 | The Remote Keyless Entry (RKE) receiving unit on certain Mazda... |
| CVE-2022-24375 | 2022-08-24 | Denial of Service (DoS) |
| CVE-2022-37305 | 2022-08-24 | The Remote Keyless Entry (RKE) receiving unit on certain Honda... |
| CVE-2022-37418 | 2022-08-24 | The Remote Keyless Entry (RKE) receiving unit on certain Nissan,... |
| CVE-2022-37333 | 2022-08-24 | SQL injection vulnerability in the Exment ((PHP8) exceedone/exment v5.0.2 and... |
| CVE-2022-38078 | 2022-08-24 | Movable Type XMLRPC API provided by Six Apart Ltd. contains... |
| CVE-2022-38080 | 2022-08-24 | Reflected cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and... |
| CVE-2022-38089 | 2022-08-24 | Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and... |
| CVE-2022-33172 | 2022-08-24 | de.fac2 1.34 allows bypassing the User Presence protection mechanism when... |
| CVE-2022-37153 | 2022-08-24 | An issue was discovered in Artica Proxy 4.30.000000. There is... |
| CVE-2022-36633 | 2022-08-24 | Teleport 9.3.6 is vulnerable to Command injection leading to Remote... |
| CVE-2021-0698 | 2022-08-24 | In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap... |
| CVE-2021-0887 | 2022-08-24 | In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap... |
| CVE-2021-0891 | 2022-08-24 | An unprivileged app can trigger PowerVR driver to return an... |