CVE List - 2022 / August

Showing 501 - 600 of 2306 CVEs for August 2022 (Page 6 of 24)

Back to List Previous Next

CVE ID	Date	Title
CVE-2021-33646	2022-08-09	The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
CVE-2022-34704	2022-08-09	Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-25907	2022-08-09	Prototype Pollution
CVE-2022-2715	2022-08-09	SourceCodester Employee Management System eloginwel.php sql injection
CVE-2022-35724	2022-08-09	Denial of service while reading data in Avro Rust SDK
CVE-2022-36124	2022-08-09	Memory overconsumption in Avro Rust SDK
CVE-2022-36125	2022-08-09	Integer overflow when reading corrupted .avro file in Avro Rust SDK
CVE-2022-2722	2022-08-09	SourceCodester Simple Student Information System manage_course.php sql injection
CVE-2022-2723	2022-08-09	SourceCodester Employee Management System eprocess.php sql injection
CVE-2022-2724	2022-08-09	SourceCodester Employee Management System aprocess.php sql injection
CVE-2022-2725	2022-08-09	SourceCodester Company Website CMS add-blog.php cross site scripting
CVE-2022-2726	2022-08-09	SEMCMS Ant_Check.php sql injection
CVE-2022-2727	2022-08-09	SourceCodester Gym Management System login.php sql injection
CVE-2022-2728	2022-08-09	SourceCodester Gym Management System index.php sql injection
CVE-2022-2730	2022-08-09	Authorization Bypass Through User-Controlled Key in openemr/openemr
CVE-2022-2729	2022-08-09	Cross-site Scripting (XSS) - DOM in openemr/openemr
CVE-2022-2731	2022-08-09	Cross-site Scripting (XSS) - Reflected in openemr/openemr
CVE-2022-2733	2022-08-09	Cross-site Scripting (XSS) - Reflected in openemr/openemr
CVE-2022-2732	2022-08-09	Missing Authorization in openemr/openemr
CVE-2022-2734	2022-08-09	Improper Restriction of Rendered UI Layers or Frames in openemr/openemr
CVE-2022-37024	2022-08-09	Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database...
CVE-2022-35426	2022-08-09	UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file.
CVE-2022-35491	2022-08-09	TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample.
CVE-2022-30573	2022-08-09	TIBCO FTL Privilege Escalation
CVE-2022-30574	2022-08-09	TIBCO eFTL Secret Jacking
CVE-2022-35509	2022-08-09	An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload...
CVE-2022-35538	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.
CVE-2022-35537	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml.
CVE-2022-35536	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml.
CVE-2022-35535	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml.
CVE-2022-35534	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_ssid.shtml.
CVE-2022-35533	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml.
CVE-2022-35526	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml.
CVE-2022-21979	2022-08-09	Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-21980	2022-08-09	Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-35525	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml.
CVE-2022-24477	2022-08-09	Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-24516	2022-08-09	Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-30133	2022-08-09	Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
CVE-2022-30134	2022-08-09	Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-30144	2022-08-09	Windows Bluetooth Service Remote Code Execution Vulnerability
CVE-2022-30175	2022-08-09	Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-30176	2022-08-09	Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-35524	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injection in page /wizard_rep.shtml.
CVE-2022-30194	2022-08-09	Windows WebBrowser Control Remote Code Execution Vulnerability
CVE-2022-30197	2022-08-09	Windows Kernel Information Disclosure Vulnerability
CVE-2022-33631	2022-08-09	Microsoft Excel Security Feature Bypass Vulnerability
CVE-2022-33636	2022-08-09	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2022-33640	2022-08-09	System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2022-35523	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml.
CVE-2022-33646	2022-08-09	Azure Batch Node Agent Elevation of Privilege Vulnerability
CVE-2022-33648	2022-08-09	Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-33649	2022-08-09	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2022-33670	2022-08-09	Windows Partition Management Driver Elevation of Privilege Vulnerability
CVE-2022-34685	2022-08-09	Azure RTOS GUIX Studio Information Disclosure Vulnerability
CVE-2022-34686	2022-08-09	Azure RTOS GUIX Studio Information Disclosure Vulnerability
CVE-2022-34687	2022-08-09	Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-34690	2022-08-09	Windows Fax Service Elevation of Privilege Vulnerability
CVE-2022-35522	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml.
CVE-2022-34691	2022-08-09	Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2022-34692	2022-08-09	Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-34696	2022-08-09	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2022-34699	2022-08-09	Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-34701	2022-08-09	Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability
CVE-2022-35521	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /man_security.shtml.
CVE-2022-34702	2022-08-09	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-34703	2022-08-09	Windows Partition Management Driver Elevation of Privilege Vulnerability
CVE-2022-34705	2022-08-09	Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-34706	2022-08-09	Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2022-35520	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary....
CVE-2022-34707	2022-08-09	Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-34708	2022-08-09	Windows Kernel Information Disclosure Vulnerability
CVE-2022-34709	2022-08-09	Windows Defender Credential Guard Security Feature Bypass Vulnerability
CVE-2022-34710	2022-08-09	Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-34712	2022-08-09	Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-34713	2022-08-09	Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVE-2022-34714	2022-08-09	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35519	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml.
CVE-2022-34715	2022-08-09	Windows Network File System Remote Code Execution Vulnerability
CVE-2022-34716	2022-08-09	.NET Spoofing Vulnerability
CVE-2022-34717	2022-08-09	Microsoft Office Remote Code Execution Vulnerability
CVE-2022-35518	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml.
CVE-2022-35760	2022-08-09	Microsoft ATA Port Driver Elevation of Privilege Vulnerability
CVE-2022-35761	2022-08-09	Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-35762	2022-08-09	Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35763	2022-08-09	Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35764	2022-08-09	Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35765	2022-08-09	Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35766	2022-08-09	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35767	2022-08-09	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35768	2022-08-09	Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-35769	2022-08-09	Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
CVE-2022-35771	2022-08-09	Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-35772	2022-08-09	Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-35773	2022-08-09	Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-35774	2022-08-09	Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-35775	2022-08-09	Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-35776	2022-08-09	Azure Site Recovery Denial of Service Vulnerability
CVE-2022-35777	2022-08-09	Visual Studio Remote Code Execution Vulnerability
CVE-2022-35517	2022-08-09	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd and ppp_setver, which leads to command injection in page...