CVE List - 2022 / September
Showing 401 - 500 of 2148 CVEs for September 2022 (Page 5 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-38531 | 2022-09-07 | FPT G-97RG6M R4.2.98.035 and G-97RG3 R4.2.43.078 are vulnerable to Remote... |
| CVE-2022-37779 | 2022-09-07 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers... |
| CVE-2022-36588 | 2022-09-07 | In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the... |
| CVE-2022-36586 | 2022-09-07 | In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability... |
| CVE-2021-34236 | 2022-09-07 | Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows... |
| CVE-2022-3153 | 2022-09-08 | NULL Pointer Dereference in vim/vim |
| CVE-2022-37144 | 2022-09-08 | The PlexTrac platform prior to API version 1.17.0 does not... |
| CVE-2022-37145 | 2022-09-08 | The PlexTrac platform prior to version 1.17.0 does not restrict... |
| CVE-2022-37146 | 2022-09-08 | The PlexTrac platform prior to version 1.28.0 allows for username... |
| CVE-2022-25897 | 2022-09-08 | Denial of Service (DoS) |
| CVE-2022-25914 | 2022-09-08 | Remote Code Execution (RCE) |
| CVE-2022-33941 | 2022-09-08 | PowerCMS XMLRPC API provided by Alfasado Inc. contains a command... |
| CVE-2022-34869 | 2022-09-08 | Undocumented hidden command that can be executed from the telnet... |
| CVE-2022-35273 | 2022-09-08 | OS command injection vulnerability in GUI setting page of CentreCOM... |
| CVE-2022-36403 | 2022-09-08 | Untrusted search path vulnerability in the installer of Device Software... |
| CVE-2022-38094 | 2022-09-08 | OS command injection vulnerability in the telnet function of CentreCOM... |
| CVE-2022-38394 | 2022-09-08 | Use of hard-coded credentials for the telnet server of CentreCOM... |
| CVE-2022-38399 | 2022-09-08 | Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10... |
| CVE-2022-38400 | 2022-09-08 | Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated... |
| CVE-2022-28220 | 2022-09-08 | STARTTLS command injection in Apache JAMES |
| CVE-2022-3148 | 2022-09-08 | Cross-site Scripting (XSS) - Generic in jgraph/drawio |
| CVE-2022-3138 | 2022-09-08 | Cross-site Scripting (XSS) - Generic in jgraph/drawio |
| CVE-2022-27593 | 2022-09-08 | DeadBolt Ransomware |
| CVE-2022-30079 | 2022-09-08 | Command injection vulnerability was discovered in Netgear R6200 v2 firmware... |
| CVE-2022-20923 | 2022-09-08 | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers IPSec VPN Server Authentication Bypass Vulnerability |
| CVE-2022-20863 | 2022-09-08 | Cisco Webex Meetings App Character Interface Manipulation Vulnerability |
| CVE-2022-20696 | 2022-09-08 | Cisco SD-WAN vManage Software Unauthenticated Access to Messaging Services Vulnerability |
| CVE-2022-36736 | 2022-09-08 | Jitsi-2.10.5550 was discovered to contain a vulnerability in its web... |
| CVE-2022-36085 | 2022-09-08 | OPA Compiler: Bypass of WithUnsafeBuiltins using `with` keyword to mock functions |
| CVE-2022-36090 | 2022-09-08 | org.xwiki.platform:xwiki-platform-oldcore Improper Authorization check for inactive users |
| CVE-2022-37163 | 2022-09-08 | Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows... |
| CVE-2022-37164 | 2022-09-08 | Inoda OnTrack v3.4 employs a weak password policy which allows... |
| CVE-2022-37857 | 2022-09-08 | bilde2910 Hauk v1.6.1 requires a hardcoded password which by default... |
| CVE-2022-27967 | 2022-09-08 | Cynet 360 Web Portal before v4.5 was discovered to allow... |
| CVE-2022-27968 | 2022-09-08 | Cynet 360 Web Portal before v4.5 was discovered to allow... |
| CVE-2022-27969 | 2022-09-08 | Cynet 360 Web Portal before v4.5 was discovered to allow... |
| CVE-2022-38255 | 2022-09-08 | Interview Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-22314 | 2022-09-08 | IBM Planning Analytics Local 2.0 allows web pages to be... |
| CVE-2022-36091 | 2022-09-08 | XWiki Platform Web Templates vulnerable to Missing Authorization and Exposure of Private Personal Information to an Unauthorized Actor |
| CVE-2022-38260 | 2022-09-08 | Interview Management System v1.0 was discovered to contain a SQL... |
| CVE-2022-36092 | 2022-09-08 | XWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action |
| CVE-2022-36093 | 2022-09-08 | XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard |
| CVE-2022-38256 | 2022-09-08 | TastyIgniter v3.5.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2022-38258 | 2022-09-08 | A local file inclusion (LFI) vulnerability in D-Link DIR 819... |
| CVE-2022-3167 | 2022-09-08 | Improper Restriction of Rendered UI Layers or Frames in ikus060/rdiffweb |
| CVE-2022-36094 | 2022-09-08 | XWiki Platform Web Parent POM vulnerable to XSS in the attachment history |
| CVE-2022-38265 | 2022-09-08 | Apartment Visitor Management System v1.0 was discovered to contain a... |
| CVE-2022-36095 | 2022-09-08 | XWiki Cross-Site Request Forgery (CSRF) for actions on tags |
| CVE-2022-36096 | 2022-09-08 | XWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list |
| CVE-2022-36097 | 2022-09-08 | XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form |
| CVE-2022-36099 | 2022-09-08 | XWiki Platform Wiki UI Main Wiki Eval Injection vulnerability |
| CVE-2022-36098 | 2022-09-08 | XWiki Platform Mentions UI vulnerable to Cross-site Scripting |
| CVE-2022-38267 | 2022-09-08 | School Activity Updates with SMS Notification v1.0 was discovered to... |
| CVE-2022-38268 | 2022-09-08 | School Activity Updates with SMS Notification v1.0 was discovered to... |
| CVE-2022-38269 | 2022-09-08 | School Activity Updates with SMS Notification v1.0 was discovered to... |
| CVE-2022-40281 | 2022-09-08 | An issue was discovered in Samsung TizenRT through 3.0_GBM (and... |
| CVE-2022-40279 | 2022-09-08 | An issue was discovered in Samsung TizenRT through 3.0_GBM (and... |
| CVE-2022-40278 | 2022-09-08 | An issue was discovered in Samsung TizenRT through 3.0_GBM (and... |
| CVE-2022-40280 | 2022-09-08 | An issue was discovered in Samsung TizenRT through 3.0_GBM (and... |
| CVE-2022-36100 | 2022-09-08 | XWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection |
| CVE-2022-36084 | 2022-09-08 | cruddl vulnerable to AQL injection through flexSearch |
| CVE-2019-25076 | 2022-09-08 | The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x... |
| CVE-2022-40297 | 2022-09-08 | UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be... |
| CVE-2022-2526 | 2022-09-09 | A use-after-free vulnerability was found in systemd. This issue occurs... |
| CVE-2022-2905 | 2022-09-09 | An out-of-bounds memory read flaw was found in the Linux... |
| CVE-2022-2964 | 2022-09-09 | A flaw was found in the Linux kernel’s driver for... |
| CVE-2022-3169 | 2022-09-09 | A flaw was found in the Linux kernel. A denial... |
| CVE-2022-38266 | 2022-09-09 | An issue in the Leptonica linked library (v1.79.0) allows attackers... |
| CVE-2022-40307 | 2022-09-09 | An issue was discovered in the Linux kernel through 5.19.8.... |
| CVE-2020-10735 | 2022-09-09 | A flaw was found in python. In algorithms with quadratic... |
| CVE-2022-36087 | 2022-09-09 | OAuthLib vulnerable DoS when attacker provides malicious IPV6 URI |
| CVE-2022-40299 | 2022-09-09 | In Singular before 4.3.1, a predictable /tmp pathname is used... |
| CVE-2022-40305 | 2022-09-09 | A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3... |
| CVE-2022-25765 | 2022-09-09 | Command Injection |
| CVE-2022-2925 | 2022-09-09 | Cross-site Scripting (XSS) - Stored in appwrite/appwrite |
| CVE-2022-29061 | 2022-09-09 | An improper neutralization of special elements used in an OS... |
| CVE-2022-2528 | 2022-09-09 | In affected versions of Octopus Deploy it is possible to... |
| CVE-2022-38286 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list. |
| CVE-2022-38285 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/menu/list. |
| CVE-2022-38283 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/video/list. |
| CVE-2022-38284 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/department/list. |
| CVE-2022-38282 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/videoalbum/list. |
| CVE-2022-38280 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list. |
| CVE-2022-38281 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/site/list. |
| CVE-2022-38279 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/imagealbum/list. |
| CVE-2022-38278 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/friendlylink/list. |
| CVE-2022-38276 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/foldernotice/list. |
| CVE-2022-38277 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/folderrollpicture/list. |
| CVE-2022-38275 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/contact/list. |
| CVE-2022-38272 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list. |
| CVE-2022-38273 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list_approve. |
| CVE-2022-38274 | 2022-09-09 | JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/comment/list. |
| CVE-2022-37299 | 2022-09-09 | An issue was discovered in Shirne CMS 1.2.0. There is... |
| CVE-2022-39119 | 2022-09-09 | In network service, there is a missing permission check. This... |
| CVE-2022-38059 | 2022-09-09 | WordPress Access Code Feeder plugin <= 1.0.3 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2022-36280 | 2022-09-09 | There is an out-of-bounds write vulnerability in vmwgfx driver |
| CVE-2022-3147 | 2022-09-09 | Server-side Denial of Service while processing a specifically crafted JPEG file |
| CVE-2022-38096 | 2022-09-09 | There is a NULL pointer vulnerability in vmwgfx driver |
| CVE-2022-38457 | 2022-09-09 | There is an UAF vulnerability in vmwgfx driver |
| CVE-2022-40133 | 2022-09-09 | There is an UAF vulnerability in vmwgfx driver |