Pagina 4 – Azienda Sicura

Lista CVE 2022/3xxx

CVE nel gruppo: 3xxx

CVE-2022-3065 (Clicca per dettagli)

CVE-2022-3066 (Improper Access Control in jgraph/drawio)

CVE-2022-3067 (Clicca per dettagli)

CVE-2022-3068 (Clicca per dettagli)

CVE-2022-3069 (Improper Privilege Management in octoprint/octoprint)

CVE-2022-3070 (Wordlift < 3.37.2 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3071 (Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3072 (Clicca per dettagli)

CVE-2022-3073 (Cross-site Scripting (XSS) – Stored in francoisjacquet/rosariosis)

CVE-2022-3074 (Quaonos Schema ST4 example templates prone to XSS)

CVE-2022-3075 (Slider Hero < 8.4.4 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3076 (Clicca per dettagli)

CVE-2022-3077 (CM Download Manager < 2.8.6 - Admin+ Arbitrary File Upload)

CVE-2022-3078 (Clicca per dettagli)

CVE-2022-3079 (Clicca per dettagli)

CVE-2022-3080 (Festo: CPX-CEC-C1 and CMXX, Missing Authentication for Critical Webpage Function)

CVE-2022-3082 (BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly)

CVE-2022-3083 (miniOrange Discord Integration < 2.1.6 - Subscriber+ App Disabling)

CVE-2022-3084 (Clicca per dettagli)

CVE-2022-3085 (GE CIMPLICITY Access of Uninitialized Pointer)

CVE-2022-3086 (Clicca per dettagli)

CVE-2022-3087 (Cradlepoint IBR600 Command Injection)

CVE-2022-3088 (Clicca per dettagli)

CVE-2022-3089 (Clicca per dettagli)

CVE-2022-3090 (EnOcean SmartServer Hard-coded credentials)

CVE-2022-3091 (Clicca per dettagli)

CVE-2022-3092 (Clicca per dettagli)

CVE-2022-3093 (GE CIMPLICITY Out-of-bounds Write)

CVE-2022-3094 (Clicca per dettagli)

CVE-2022-3095 (An UPDATE message flood may cause named to exhaust all available memory)

CVE-2022-3096 (Incorrect parsing of the backslash characters in Dart library)

CVE-2022-3097 (WP Total Hacks <= 4.7.2 - Subscriber+ Arbitrary Options Update to Stored XSS)

CVE-2022-3098 (LBStopAttack < 1.1.3 - Arbitrary Settings Update via CSRF)

CVE-2022-3099 (Login Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRF)

CVE-2022-3100 (Use After Free in vim/vim)

CVE-2022-3101 (Clicca per dettagli)

CVE-2022-3103 (Clicca per dettagli)

CVE-2022-3104 (Clicca per dettagli)

CVE-2022-3105 (Clicca per dettagli)

CVE-2022-3106 (Clicca per dettagli)

CVE-2022-3107 (Clicca per dettagli)

CVE-2022-3108 (Clicca per dettagli)

CVE-2022-3109 (Clicca per dettagli)

CVE-2022-3110 (Clicca per dettagli)

CVE-2022-3111 (Clicca per dettagli)

CVE-2022-3112 (Clicca per dettagli)

CVE-2022-3113 (Clicca per dettagli)

CVE-2022-3114 (Clicca per dettagli)

CVE-2022-3115 (Clicca per dettagli)

CVE-2022-3116 (Clicca per dettagli)

CVE-2022-3117 (Clicca per dettagli)

CVE-2022-3118 (Clicca per dettagli)

CVE-2022-3119 (Sourcecodehero ERP System Project processlogin.php sql injection)

CVE-2022-3120 (OAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication Bypass)

CVE-2022-3121 (SourceCodester Clinics Patient Management System Login index.php sql injection)

CVE-2022-3122 (SourceCodester Online Employee Leave Management System addemployee.php cross-site request forgery)

CVE-2022-3123 (SourceCodester Clinics Patient Management System medicine_details.php sql injection)

CVE-2022-3124 (Cross-site Scripting (XSS) – Reflected in splitbrain/dokuwiki)

CVE-2022-3125 (Frontend File Manager < 21.3 - Unauthenticated File Renaming)

CVE-2022-3126 (Frontend File Manager < 21.3 - Subscriber+ Arbitrary File Upload)

CVE-2022-3127 (Frontend File Manager < 21.4 - File Upload via CSRF)

CVE-2022-3128 (Cross-site Scripting (XSS) – Stored in jgraph/drawio)

CVE-2022-3129 (Donation Thermometer < 2.1.3 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3130 (codeprojects Online Driving School registration.php unrestricted upload)

CVE-2022-3131 (codeprojects Online Driving School login.php sql injection)

CVE-2022-3132 (Search Logger <= 0.9 - Admin+ SQLi)

CVE-2022-3133 (Goolytics – Simple Google Analytics < 1.1.2 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3134 (OS Command Injection in jgraph/drawio)

CVE-2022-3135 (Use After Free in vim/vim)

CVE-2022-3136 (SEO Smart Links <= 3.0.1 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3137 (Social Rocket < 1.3.3 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3138 (TaskBuilder < 1.0.8 - Subscriber+ Stored XSS via SVG file upload)

CVE-2022-3139 (Cross-site Scripting (XSS) – Generic in jgraph/drawio)

CVE-2022-3140 (We’re Open! < 1.42 - Admin+ Stored Cross-Site Scripting)

CVE-2022-3141 (Macro URL arbitrary script execution)

CVE-2022-3142 (Translatepress Multilinugal < 2.3.3 - Admin+ SQLi)

CVE-2022-3143 (NEX-Forms < 7.9.7 - Authenticated SQLi)

CVE-2022-3144 (Clicca per dettagli)

CVE-2022-3145 (Clicca per dettagli)

CVE-2022-3146 (Clicca per dettagli)

Precedente Successivo