Pagina 3 – Azienda Sicura

Lista CVE 2022/38xxx

CVE nel gruppo: 38xxx

CVE-2022-38044 (N/A)

CVE-2022-38045 (Windows CD-ROM File System Driver Remote Code Execution Vulnerability)

CVE-2022-38046 (Windows Server Service Elevation of Privilege Vulnerability)

CVE-2022-38047 (Web Account Manager Information Disclosure Vulnerability)

CVE-2022-38048 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability)

CVE-2022-38049 (Microsoft Office Remote Code Execution Vulnerability)

CVE-2022-38050 (Microsoft Office Graphics Remote Code Execution Vulnerability)

CVE-2022-38051 (Win32k Elevation of Privilege Vulnerability)

CVE-2022-38053 (Windows Graphics Component Elevation of Privilege Vulnerability)

CVE-2022-38054 (Microsoft SharePoint Server Remote Code Execution Vulnerability)

CVE-2022-38055 (Session Fixation)

CVE-2022-38056 (WordPress wpForo Forum plugin <= 2.0.9 - Auth. HTML Injection vulnerability)

CVE-2022-38057 (N/A)

CVE-2022-38058 (WordPress TH Advance Product Search plugin <= 1.2.1 - Unauthenticated Plugin Settings Reset vulnerability)

CVE-2022-38059 (WordPress WP Shamsi plugin <= 4.1.1 - Authenticated Plugin Setting change vulnerability)

CVE-2022-38060 (WordPress Access Code Feeder plugin <= 1.0.3 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38061 (N/A)

CVE-2022-38062 (WordPress Export Post Info plugin <= 1.2.0 - Authenticated CSV Injection vulnerability)

CVE-2022-38063 (WordPress Download Theme Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-38064 (WordPress Social Login WP Plugin <= 5.0.0.0 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-38065 (windowmanager in window subsystem has a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information.)

CVE-2022-38066 (N/A)

CVE-2022-38067 (N/A)

CVE-2022-38068 (WordPress Event Calendar – Calendar plugin <= 1.4.6 - Unauthenticated Event Deletion vulnerability)

CVE-2022-38069 (WordPress Export Post Info plugin <= 1.1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability)

CVE-2022-38070 (Contec Health CMS8000)

CVE-2022-38072 (WordPress Pop-up plugin <= 1.1.5 - Privilege Escalation vulnerability)

CVE-2022-38073 (N/A)

CVE-2022-38074 (WordPress Awesome Support plugin <= 6.0.7 - Multiple Authenticated Persistent XSS (Additional Interested Parties))

CVE-2022-38075 (WordPress WP Statistics Plugin <= 13.2.10 is vulnerable to SQL Injection)

CVE-2022-38076 (WordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS))

CVE-2022-38077 (N/A)

CVE-2022-38078 (WordPress Popup Anything Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-38079 (N/A)

CVE-2022-38080 (WordPress Backup Scheduler plugin <= 1.5.13 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38081 (N/A)

CVE-2022-38083 (Tokensync in security subsystem has a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system.)

CVE-2022-38085 (N/A)

CVE-2022-38086 (WordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38087 (WordPress Shortcodes Ultimate plugin <= 5.12.0 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38088 (N/A)

CVE-2022-38089 (N/A)

CVE-2022-38090 (N/A)

CVE-2022-38093 (N/A)

CVE-2022-38094 (WordPress All in One SEO plugin <= 4.2.3.1 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities)

CVE-2022-38095 (N/A)

CVE-2022-38096 (WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38097 (There is a NULL pointer vulnerability in vmwgfx driver)

CVE-2022-38099 (N/A)

CVE-2022-38100 (N/A)

CVE-2022-38101 (Contec Health CMS8000)

CVE-2022-38102 (N/A)

CVE-2022-38103 (N/A)

CVE-2022-38104 (N/A)

CVE-2022-38105 (WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability)

CVE-2022-38106 (N/A)

CVE-2022-38107 (Cross-Site Scripting Vulnerability in Serv-U Web Client )

CVE-2022-38108 (Sensitive Data Disclosure Vulnerability)

CVE-2022-38110 (SolarWinds Platform Deserialization of Untrusted Data)

CVE-2022-38111 (Reflected Cross-Site Scripting Vulnerability)

Precedente Successivo