CVE List - 2022 / September
Showing 1601 - 1700 of 2148 CVEs for September 2022 (Page 17 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-35029 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a segmentation violation... |
| CVE-2022-35030 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a segmentation violation... |
| CVE-2022-35031 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a segmentation violation... |
| CVE-2022-35032 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a segmentation violation... |
| CVE-2022-35034 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a heap buffer... |
| CVE-2022-35035 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a heap buffer... |
| CVE-2022-35036 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a heap buffer... |
| CVE-2022-35037 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a heap buffer... |
| CVE-2022-35038 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a heap buffer... |
| CVE-2022-35039 | 2022-09-22 | OTFCC commit 617837b was discovered to contain a heap buffer... |
| CVE-2022-34026 | 2022-09-22 | ICEcoder v8.1 allows attackers to execute a directory traversal. |
| CVE-2022-35894 | 2022-09-22 | An issue was discovered in Insyde InsydeH2O with kernel 5.0... |
| CVE-2022-3274 | 2022-09-22 | Cross-Site Request Forgery (CSRF) on user's settings in GitHub repository ikus060/rdiffweb prior to 2.4.6. in ikus060/rdiffweb |
| CVE-2022-37234 | 2022-09-22 | Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119... |
| CVE-2021-27774 | 2022-09-22 | An injection vulnerability affects HCL Digital Experience |
| CVE-2022-31937 | 2022-09-22 | Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a... |
| CVE-2022-40087 | 2022-09-22 | Simple College Website v1.0 was discovered to contain an arbitrary... |
| CVE-2022-40088 | 2022-09-22 | Simple College Website v1.0 was discovered to contain a reflected... |
| CVE-2022-40089 | 2022-09-22 | A remote file inclusion (RFI) vulnerability in Simple College Website... |
| CVE-2022-36934 | 2022-09-22 | An integer overflow in WhatsApp could result in remote code... |
| CVE-2022-23458 | 2022-09-22 | Toast UI Grid vulnerable to Cross-site scripting |
| CVE-2022-30426 | 2022-09-22 | There is a stack buffer overflow vulnerability, which could lead... |
| CVE-2022-38573 | 2022-09-22 | 10-Strike Network Inventory Explorer v9.3 was discovered to contain a... |
| CVE-2022-40298 | 2022-09-22 | Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions,... |
| CVE-2021-41803 | 2022-09-23 | HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do... |
| CVE-2022-3278 | 2022-09-23 | NULL Pointer Dereference in vim/vim |
| CVE-2022-32814 | 2022-09-23 | A type confusion issue was addressed with improved state handling.... |
| CVE-2022-32849 | 2022-09-23 | An information disclosure issue was addressed by removing the vulnerable... |
| CVE-2022-35252 | 2022-09-23 | When curl is used to retrieve and parse cookies from... |
| CVE-2022-35951 | 2022-09-23 | Redis subject to Integer Overflow leading to Remote Code Execution via Heap Overflow |
| CVE-2022-36944 | 2022-09-23 | Scala 2.13.x before 2.13.9 has a Java deserialization chain in... |
| CVE-2022-40188 | 2022-09-23 | Knot Resolver before 5.5.3 allows remote attackers to cause a... |
| CVE-2022-40716 | 2022-09-23 | HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and... |
| CVE-2022-41319 | 2022-09-23 | A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop... |
| CVE-2022-37235 | 2022-09-23 | Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119... |
| CVE-2022-37232 | 2022-09-23 | Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow... |
| CVE-2022-41320 | 2022-09-23 | Veritas System Recovery (VSR) versions 18 and 21 store a... |
| CVE-2022-41322 | 2022-09-23 | In Kitty before 0.26.2, insufficient validation in the desktop notification... |
| CVE-2020-36604 | 2022-09-23 | hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning... |
| CVE-2022-39225 | 2022-09-23 | Parse Server subject to Incorrect Resource Transfer Between Spheres |
| CVE-2022-39227 | 2022-09-23 | Python-jwt subject to Authentication Bypass by Spoofing |
| CVE-2022-39230 | 2022-09-23 | Security issue in fhir-works-on-aws-authz-smart |
| CVE-2022-39231 | 2022-09-23 | Parse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumvented |
| CVE-2022-39239 | 2022-09-23 | nefly-ipx subject to Server-Side Request Forgery and Stored Cross-Site Scripting via Cache Poisoning and Improper Host Validation |
| CVE-2022-39238 | 2022-09-23 | Improper Authentication in Arvados when using PAM as identity provider |
| CVE-2022-26112 | 2022-09-23 | Pinot query endpoint and the realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support |
| CVE-2022-3269 | 2022-09-23 | Session Fixation in ikus060/rdiffweb |
| CVE-2022-24280 | 2022-09-23 | Apache Pulsar Proxy target broker address isn't validated |
| CVE-2022-33681 | 2022-09-23 | Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM |
| CVE-2022-33682 | 2022-09-23 | Disabled Hostname Verification makes Brokers, Proxies vulnerable to MITM attack |
| CVE-2022-33683 | 2022-09-23 | Disabled Certificate Validation makes Broker, Proxy Admin Clients vulnerable to MITM attack |
| CVE-2022-38936 | 2022-09-23 | An issue has been found in PBC through 2022-8-27. A... |
| CVE-2022-40979 | 2022-09-23 | In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type... |
| CVE-2022-2785 | 2022-09-23 | Arbitrary Memory read in BPF Linux Kernel |
| CVE-2022-2566 | 2022-09-23 | Heap-memory write in FFMPEG |
| CVE-2022-2347 | 2022-09-23 | Unchecked Download size in Uboot |
| CVE-2022-3236 | 2022-09-23 | A code injection vulnerability in the User Portal and Webadmin... |
| CVE-2022-40869 | 2022-09-23 | Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities... |
| CVE-2022-37330 | 2022-09-23 | WordPress WHA Crossword plugin <= 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-37338 | 2022-09-23 | WordPress Blossom Recipe Maker plugin <= 1.0.7 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-40865 | 2022-09-23 | Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities... |
| CVE-2022-35257 | 2022-09-23 | A local privilege escalation vulnerability in UI Desktop for Windows... |
| CVE-2022-30121 | 2022-09-23 | The “LANDesk(R) Management Agent” service exposes a socket and once... |
| CVE-2022-40864 | 2022-09-23 | Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities... |
| CVE-2022-37339 | 2022-09-23 | WordPress Meet My Team plugin <= 2.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-36798 | 2022-09-23 | WordPress Mega Addons For WPBakery Page Builder plugin <= 4.2.7 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-38095 | 2022-09-23 | WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-40862 | 2022-09-23 | Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability... |
| CVE-2022-40091 | 2022-09-23 | Online Tours & Travels Management System v1.0 was discovered to... |
| CVE-2022-40092 | 2022-09-23 | Online Tours & Travels Management System v1.0 was discovered to... |
| CVE-2022-40093 | 2022-09-23 | Online Tours & Travels Management System v1.0 was discovered to... |
| CVE-2022-40860 | 2022-09-23 | Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in... |
| CVE-2022-40213 | 2022-09-23 | WordPress GS Testimonial Slider plugin <= 1.9.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities |
| CVE-2022-38703 | 2022-09-23 | WordPress Button Plugin MaxButtons plugin <= 9.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-2937 | 2022-09-23 | Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Title & Description |
| CVE-2022-3144 | 2022-09-23 | The Wordfence Security – Firewall & Malware Scan plugin for... |
| CVE-2022-40853 | 2022-09-23 | Tenda AC15 router V15.03.05.19 contains a stack overflow via the... |
| CVE-2022-27492 | 2022-09-23 | An integer underflow in WhatsApp could have caused remote code... |
| CVE-2022-40851 | 2022-09-23 | Tenda AC15 V15.03.05.19 contained a stack overflow via the function... |
| CVE-2022-23144 | 2022-09-23 | There is a broken access control vulnerability in ZTE ZXvSTB... |
| CVE-2022-3257 | 2022-09-23 | Server-side Denial of Service while processing a specifically crafted GIF file |
| CVE-2022-40854 | 2022-09-23 | Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set |
| CVE-2022-40671 | 2022-09-23 | WordPress Rate my Post – WP Rating System plugin <= 3.3.4 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-40310 | 2022-09-23 | WordPress Rate my Post – WP Rating System plugin <= 3.3.4 - Race Condition vulnerability |
| CVE-2022-36791 | 2022-09-23 | WordPress Torro Forms plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-40868 | 2022-09-23 | Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability... |
| CVE-2022-37328 | 2022-09-23 | WordPress History Timeline plugin <= 1.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-40867 | 2022-09-23 | Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability... |
| CVE-2022-40866 | 2022-09-23 | Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability... |
| CVE-2022-38460 | 2022-09-23 | WordPress NOTICE BOARD plugin <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-35238 | 2022-09-23 | WordPress Awesome Filterable Portfolio plugin <= 1.9.7 - Unauthenticated Plugin Settings Change vulnerability |
| CVE-2022-40855 | 2022-09-23 | Tenda W20E router V15.11.0.6 contains a stack overflow in the... |
| CVE-2022-40193 | 2022-09-23 | WordPress Awesome Filterable Portfolio plugin <= 1.9.7 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-36388 | 2022-09-23 | WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-37342 | 2022-09-23 | WordPress Add Shortcodes Actions And Filters plugin <= 2.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-38085 | 2022-09-23 | WordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-40195 | 2022-09-23 | WordPress PCA Predict plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-40861 | 2022-09-23 | Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in... |
| CVE-2022-40672 | 2022-09-23 | WordPress CPO Shortcodes plugin <= 1.5.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-38061 | 2022-09-23 | WordPress Export Post Info plugin <= 1.2.0 - Authenticated CSV Injection vulnerability |