CVE List - 2022 / September
Showing 2101 - 2148 of 2148 CVEs for September 2022 (Page 22 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-23726 | 2022-09-30 | PingCentral versions prior to listed versions expose Spring Boot actuator... |
| CVE-2022-36961 | 2022-09-30 | Orion Platform SQL Injection Privilege Escalation Vulnerability |
| CVE-2021-36839 | 2022-09-30 | WordPress Social Media Follow Buttons Bar plugin <= 4.73 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2021-36830 | 2022-09-30 | WordPress Comment Guestbook plugin <= 0.8.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2022-40274 | 2022-09-30 | Gridea version 0.9.3 allows an external attacker to execute arbitrary... |
| CVE-2022-40277 | 2022-09-30 | Joplin version 2.8.8 allows an external attacker to execute arbitrary... |
| CVE-2022-1959 | 2022-09-30 | AppLock version 7.9.29 allows an attacker with physical access to... |
| CVE-2022-41870 | 2022-09-30 | AP Manager in Innovaphone before 13r2 Service Release 17 allows... |
| CVE-2022-21826 | 2022-09-30 | Pulse Secure version 9.115 and below may be susceptible to... |
| CVE-2022-40314 | 2022-09-30 | A remote code execution risk when restoring backup files originating... |
| CVE-2022-40313 | 2022-09-30 | Recursive rendering of Mustache template helpers containing user input could,... |
| CVE-2022-40315 | 2022-09-30 | A limited SQL injection risk was identified in the "browse... |
| CVE-2022-40316 | 2022-09-30 | The H5P activity attempts report did not filter by groups,... |
| CVE-2022-32540 | 2022-09-30 | Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0... |
| CVE-2022-36965 | 2022-09-30 | Stored and DOM XSS in QoE Applications: Orion Platform |
| CVE-2021-36854 | 2022-09-30 | WordPress Booking Ultra Pro plugin <= 1.1.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| CVE-2021-36855 | 2022-09-30 | WordPress Booking Ultra Pro plugin <= 1.1.4 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-28851 | 2022-09-30 | AEM Reflected XSS Arbitrary code execution |
| CVE-2021-33354 | 2022-09-30 | Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers... |
| CVE-2022-40944 | 2022-09-30 | Dairy Farm Shop Management System 1.0 is vulnerable to SQL... |
| CVE-2022-41975 | 2022-09-30 | RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826... |
| CVE-2022-35156 | 2022-09-30 | Bus Pass Management System 1.0 was discovered to contain a... |
| CVE-2022-35155 | 2022-09-30 | Bus Pass Management System v1.0 was discovered to contain a... |
| CVE-2022-40756 | 2022-09-30 | If folder security is misconfigured for Actian Zen PSQL BEFORE... |
| CVE-2022-40943 | 2022-09-30 | Dairy Farm Shop Management System 1.0 is vulnerable to SQL... |
| CVE-2022-40923 | 2022-09-30 | A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows... |
| CVE-2022-20662 | 2022-09-30 | Cisco Duo for macOS Authentication Bypass Vulnerability |
| CVE-2022-20728 | 2022-09-30 | Cisco Access Points VLAN Bypass from Native VLAN Vulnerability |
| CVE-2022-20769 | 2022-09-30 | Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability |
| CVE-2022-20775 | 2022-09-30 | Cisco SD-WAN Software Privilege Escalation Vulnerabilities |
| CVE-2022-20810 | 2022-09-30 | Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Information Disclosure Vulnerability |
| CVE-2022-20818 | 2022-09-30 | Cisco SD-WAN Software Privilege Escalation Vulnerabilities |
| CVE-2022-20844 | 2022-09-30 | Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password Vulnerability |
| CVE-2022-20847 | 2022-09-30 | Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family DHCP Processing Denial of Service Vulnerability |
| CVE-2022-20848 | 2022-09-30 | Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability |
| CVE-2022-20850 | 2022-09-30 | Cisco SD-WAN Arbitrary File Deletion Vulnerability |
| CVE-2022-20851 | 2022-09-30 | Cisco IOS XE Software Web UI Command Injection Vulnerability |
| CVE-2022-20855 | 2022-09-30 | Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation Vulnerability |
| CVE-2022-20856 | 2022-09-30 | Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability |
| CVE-2022-40341 | 2022-09-30 | mojoPortal v2.7 was discovered to contain an arbitrary file upload... |
| CVE-2022-20919 | 2022-09-30 | Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability |
| CVE-2022-20930 | 2022-09-30 | Cisco SD-WAN Software Arbitrary File Corruption Vulnerability |
| CVE-2022-20945 | 2022-09-30 | Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability |
| CVE-2021-36865 | 2022-09-30 | WordPress Quiz And Survey Master plugin <= 7.3.4 - Insecure direct object references (IDOR) vulnerability |
| CVE-2022-34428 | 2022-09-30 | Dell Hybrid Client prior to version 1.8 contains a Regular... |
| CVE-2022-34429 | 2022-09-30 | Dell Hybrid Client below 1.8 version contains a Zip Slip... |
| CVE-2022-39268 | 2022-09-30 | orchest vulnerable to cross-site request forgery that allows control of a user instance |
| CVE-2022-42002 | 2022-09-30 | SonicJS through 0.6.0 allows file overwrite. It has the following... |