Lista CVE 2022/2xxx

CVE nel gruppo: 2xxx

CVE-2022-2068 (Clicca per dettagli)

CVE-2022-2069 (The c_rehash script allows command injection)

CVE-2022-2070 ( Datalogics APDFL library Heap-based Buffer Overflow)

CVE-2022-2071 (Grandstream GSD3710 Stack-based Buffer Overflow)

CVE-2022-2072 (Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF)

CVE-2022-2073 (Name Directory < 1.25.3 - Reflected Cross-Site Scripting)

CVE-2022-2074 ( Code Injection in getgrav/grav)

CVE-2022-2075 (Clicca per dettagli)

CVE-2022-2076 (Clicca per dettagli)

CVE-2022-2077 (Clicca per dettagli)

CVE-2022-2078 (Clicca per dettagli)

CVE-2022-2079 (Clicca per dettagli)

CVE-2022-2080 (Cross-site Scripting (XSS) – Stored in nocodb/nocodb)

CVE-2022-2081 (Sensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR)

CVE-2022-2083 (Clicca per dettagli)

CVE-2022-2084 (Simple Single Sign On <= 4.1.0 - Authentication Bypass)

CVE-2022-2085 (sensitive data exposure in cloud-init logs)

CVE-2022-2086 (Clicca per dettagli)

CVE-2022-2087 (SourceCodester Bank Management System login.php sql injection)

CVE-2022-2088 (SourceCodester Bank Management System cross site scripting)

CVE-2022-2089 (Elcomplus SmartICS Access Control)

CVE-2022-2090 (Bold Page Builder < 4.3.3 - Admin+ Stored Cross-Site Scripting)

CVE-2022-2091 (Woo Discount Rules < 2.4.2 - Reflected Cross-Site Scripting)

CVE-2022-2092 (Cache Images < 3.2.1 - Image Upload / Import via CSRF)

CVE-2022-2093 (WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting)

CVE-2022-2094 (WP Duplicate Page < 1.3 - Admin+ Stored Cross Site Scripting)

CVE-2022-2095 (Yellow Yard Searchbar < 2.8.2 - Reflected Cross-Site Scripting)

CVE-2022-2097 (Clicca per dettagli)

CVE-2022-2098 (AES OCB fails to encrypt some bytes)

CVE-2022-2099 (Weak Password Requirements in kromitgmbh/titra)

CVE-2022-2100 (WooCommerce < 6.6.0 - Admin+ Stored HTML Injection)

CVE-2022-2101 (Page Generator Plugin < 1.6.5 - Admin+ Stored Cross-Site Scripting)

CVE-2022-2102 (Clicca per dettagli)

CVE-2022-2103 (Secheron SEPCOS Control and Protection Relay)

CVE-2022-2104 (Secheron SEPCOS Control and Protection Relay)

CVE-2022-2105 (Secheron SEPCOS Control and Protection Relay)

CVE-2022-2106 (Secheron SEPCOS Control and Protection Relay)

CVE-2022-2107 (Elcomplus SmartICS Path Traversal)

CVE-2022-2108 (ICSA-22-200-01 MiCODUS MV720 GPS tracker Use of Hard-coded Credentials)

CVE-2022-2111 (Clicca per dettagli)

CVE-2022-2112 (Unrestricted Upload of File with Dangerous Type in inventree/inventree)

CVE-2022-2113 (Improper Neutralization of Formula Elements in a CSV File in inventree/inventree)

CVE-2022-2114 (Cross-site Scripting (XSS) – Stored in inventree/inventree)

CVE-2022-2115 (Data Tables Generator by Supsystic < 1.10.20 - Admin+ Stored Cross-Site Scripting)

CVE-2022-2116 (Popup Anything < 2.1.7 - Reflected Cross-Site Scripting)

CVE-2022-2117 (Elementor Contact Form DB < 1.8.0 - Reflected Cross-Site Scripting)

CVE-2022-2118 (Clicca per dettagli)

CVE-2022-2119 (404s < 3.5.1 - Admin+ Stored Cross-Site Scripting)

CVE-2022-2120 (OFFIS DCMTK Path Traversal)

CVE-2022-2121 (OFFIS DCMTK Path Traversal)

CVE-2022-2122 (OFFIS DCMTK NULL Pointer Dereference)

CVE-2022-2123 (Clicca per dettagli)

CVE-2022-2124 (WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF)

CVE-2022-2125 (Buffer Over-read in vim/vim)

CVE-2022-2126 (Heap-based Buffer Overflow in vim/vim)

CVE-2022-2127 (Out-of-bounds Read in vim/vim)

CVE-2022-2128 (Samba: out-of-bounds read in winbind auth_crap)

CVE-2022-2129 (Unrestricted Upload of File with Dangerous Type in polonel/trudesk)

CVE-2022-2130 (Out-of-bounds Write in vim/vim)

CVE-2022-2131 (Cross-site Scripting (XSS) – Reflected in microweber/microweber)

CVE-2022-2132 (OpenKM XXE Injection)

CVE-2022-2133 (Clicca per dettagli)

CVE-2022-2134 (OAuth Single Sign On < 6.22.6 - Authentication Bypass)

CVE-2022-2135 (Allocation of Resources Without Limits or Throttling in inventree/inventree)

CVE-2022-2136 (Advantech iView)

CVE-2022-2137 (Advantech iView)

CVE-2022-2138 (Advantech iView)

CVE-2022-2139 (Advantech iView)

CVE-2022-2140 (Advantech iView)

CVE-2022-2141 (Elcomplus SmartICS Cross-site Scripting)

CVE-2022-2142 (ICSA-22-200-01 MiCODUS MV720 GPS tracker Improper Authentication)

CVE-2022-2143 (Advantech iView)

CVE-2022-2144 (Advantech iView)

CVE-2022-2145 (Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF)

CVE-2022-2146 (Cloudlfare WARP Arbitrary File Overwrite )

CVE-2022-2147 (Import CSV Files <= 1.0 - Reflected Cross-Site Scripting)

CVE-2022-2148 (Unquoted Service Path in Cloudflare WARP for Windows)

CVE-2022-2149 (LinkedIn Company Updates <= 1.5.3 - Admin+ Stored Cross-Site Scripting)

CVE-2022-2151 (Very Simple Breadcrumb <= 1.0 - Admin+ Stored Cross-Site Scripting)

CVE-2022-2152 (Best Contact Management Software <= 3.7.3 - Admin+ Stored Cross-Site Scripting)