Pagina 4 – Azienda Sicura

Lista CVE 2022/38xxx

CVE nel gruppo: 38xxx

CVE-2022-38065 (Clicca per dettagli)

CVE-2022-38066 (Clicca per dettagli)

CVE-2022-38067 (Clicca per dettagli)

CVE-2022-38068 (WordPress Event Calendar – Calendar plugin <= 1.4.6 - Unauthenticated Event Deletion vulnerability)

CVE-2022-38069 (WordPress Export Post Info plugin <= 1.1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability)

CVE-2022-38070 (Contec Health CMS8000)

CVE-2022-38072 (WordPress Pop-up plugin <= 1.1.5 - Privilege Escalation vulnerability)

CVE-2022-38073 (Clicca per dettagli)

CVE-2022-38074 (WordPress Awesome Support plugin <= 6.0.7 - Multiple Authenticated Persistent XSS (Additional Interested Parties))

CVE-2022-38075 (WordPress WP Statistics Plugin <= 13.2.10 is vulnerable to SQL Injection)

CVE-2022-38076 (WordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS))

CVE-2022-38077 (Clicca per dettagli)

CVE-2022-38078 (WordPress Popup Anything Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-38079 (Clicca per dettagli)

CVE-2022-38080 (WordPress Backup Scheduler plugin <= 1.5.13 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38081 (Clicca per dettagli)

CVE-2022-38083 (Tokensync in security subsystem has a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system.)

CVE-2022-38085 (Clicca per dettagli)

CVE-2022-38086 (WordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38087 (WordPress Shortcodes Ultimate plugin <= 5.12.0 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38088 (Clicca per dettagli)

CVE-2022-38089 (Clicca per dettagli)

CVE-2022-38090 (Clicca per dettagli)

CVE-2022-38093 (Clicca per dettagli)

CVE-2022-38094 (WordPress All in One SEO plugin <= 4.2.3.1 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities)

CVE-2022-38095 (Clicca per dettagli)

CVE-2022-38096 (WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38097 (There is a NULL pointer vulnerability in vmwgfx driver)

CVE-2022-38099 (Clicca per dettagli)

CVE-2022-38100 (Clicca per dettagli)

CVE-2022-38101 (Contec Health CMS8000)

CVE-2022-38102 (Clicca per dettagli)

CVE-2022-38103 (Clicca per dettagli)

CVE-2022-38104 (Clicca per dettagli)

CVE-2022-38105 (WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability)

CVE-2022-38106 (Clicca per dettagli)

CVE-2022-38107 (Cross-Site Scripting Vulnerability in Serv-U Web Client )

CVE-2022-38108 (Sensitive Data Disclosure Vulnerability)

CVE-2022-38110 (SolarWinds Platform Deserialization of Untrusted Data)

CVE-2022-38111 (Reflected Cross-Site Scripting Vulnerability)

CVE-2022-38112 (SolarWinds Platform Deserialization of Untrusted Data Vulnerability)

CVE-2022-38113 (Sensitive Information Disclosure Vulnerability)

CVE-2022-38114 (Information Disclosure Vulnerability )

CVE-2022-38115 (Client-Side Desync Vulnerability )

CVE-2022-38116 (Insecure Methods Vulnerability)

CVE-2022-38117 (Le-yan Co., Ltd. Personnel and Salary Management System – Hard-coded password)

CVE-2022-38118 (Juiker app – Hard-coded Credentials)

CVE-2022-38119 (HGiga OAKlouds – SQL Injection)

CVE-2022-38120 (POWERCOM CO., LTD. UPSMON PRO – Broken Authentication)

CVE-2022-38121 (POWERCOM CO., LTD. UPSMON PRO – Path Traversal)

CVE-2022-38122 (POWERCOM CO., LTD. UPSMON PRO – Insufficiently Protected Credentials)

CVE-2022-38123 (POWERCOM CO., LTD. UPSMON PRO – Cleartext Transmission of Sensitive Information)

CVE-2022-38124 (Insufficient validation of plugin files)

CVE-2022-38125 (Unwanted debug tool)

CVE-2022-38126 (FTP Agent forwards traffic on inactive ports to LinkManager)

CVE-2022-38127 (Clicca per dettagli)

CVE-2022-38128 (Clicca per dettagli)

CVE-2022-38129 (Clicca per dettagli)

CVE-2022-38130 (Clicca per dettagli)

CVE-2022-38131 (Clicca per dettagli)

CVE-2022-38132 (Clicca per dettagli)

CVE-2022-38133 (Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By specifying username and password, an attacker connected to the router’s web interface can execute arbitrary OS commands.)

CVE-2022-38134 (Clicca per dettagli)

CVE-2022-38135 (WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control vulnerability)

CVE-2022-38136 (WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability)

CVE-2022-38137 (Clicca per dettagli)

CVE-2022-38138 (WordPress Analytify plugin <= 4.2.2 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38139 (Clicca per dettagli)

CVE-2022-38140 (WordPress RD Station plugin <= 5.2.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities)

CVE-2022-38141 (WordPress SEO Plugin by Squirrly SEO Plugin <= 12.1.10 is vulnerable to Arbitrary File Upload)

CVE-2022-38142 (WordPress Sales Report Email for WooCommerce Plugin <= 2.8 is vulnerable to Broken Access Control)

CVE-2022-38143 (Clicca per dettagli)

CVE-2022-38144 (Clicca per dettagli)

CVE-2022-38145 (WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-38146 (Clicca per dettagli)

CVE-2022-38147 (Clicca per dettagli)

CVE-2022-38148 (Clicca per dettagli)

CVE-2022-38149 (Clicca per dettagli)

CVE-2022-38150 (Clicca per dettagli)

CVE-2022-38152 (Clicca per dettagli)

Precedente Successivo