Lista CVE 2022/46xxx

CVE nel gruppo: 46xxx

CVE-2022-46137 (N/A)

CVE-2022-46139 (N/A)

CVE-2022-46140 (N/A)

CVE-2022-46141 (N/A)

CVE-2022-46142 (N/A)

CVE-2022-46143 (N/A)

CVE-2022-46144 (N/A)

CVE-2022-46145 (N/A)

CVE-2022-46146 (authentik vulnerable to unauthorized user creation and potential account takeover)

CVE-2022-46147 (Prometheus Exporter Toolkit vulnerable to basic authentication bypass)

CVE-2022-46148 (Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields)

CVE-2022-46149 (Discourse allows self-XSS through malicious composer message)

CVE-2022-46150 (Cap’n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list.)

CVE-2022-46151 (Discourse may allow exposure of hidden tags in the subject of notification emails)

CVE-2022-46152 (Reflected XSS)

CVE-2022-46153 (OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function)

CVE-2022-46154 (Routes exposed with an empty TLSOption in traefik)

CVE-2022-46155 (Arbitrary file access in KodExplorer)

CVE-2022-46156 (Airtable.js credentials exposed in browser builds)

CVE-2022-46157 (Grafana’s default installation of `synthetic-monitoring-agent` exposes sensitive information)

CVE-2022-46158 (Remote php code execution in Akeneo PIM)

CVE-2022-46159 (Potential Information exposure in the upload directory in PrestaShop)

CVE-2022-46160 (Any authenticated Discourse user can create an unlisted topic)

CVE-2022-46161 (Tuleap dashboards vulnerable to Incorrect Authorization)

CVE-2022-46162 (Code injection in pdfmake)

CVE-2022-46163 (Discourse BBCode plugin vulnerable to arbitrary CSS injection)

CVE-2022-46164 (travel-support-program vulnerable to data exfiltration via Ransack query injection)

CVE-2022-46165 (Account takeover via prototype vulnerability)

CVE-2022-46166 (Cross-site Scripting (XSS) in Web GUI in syncthing)

CVE-2022-46167 (Spring Boot Admins integrated notifier support allows arbitrary code execution)

CVE-2022-46168 (Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace)

CVE-2022-46169 (Group SMTP user emails are exposed in CC email header)

CVE-2022-46170 (Unauthenticated Command Injection)

CVE-2022-46171 (CodeIgniter is vulnerable to improper authentication via Session Handlers)

CVE-2022-46172 (Tauri vulnerable to path traversal)

CVE-2022-46173 (authentik allows existing authenticated users to create arbitrary accounts)

CVE-2022-46174 (Elrond go Processing: fallback search of SCRs when not found in the main cache)

CVE-2022-46175 (Race condition during concurrent TLS mounts in efs-utils)

CVE-2022-46176 (N/A)

CVE-2022-46177 (Cargo did not verify SSH host keys)

CVE-2022-46178 (Discourse password reset link can lead to in account takeover if user changes to a new email)

CVE-2022-46179 (Path Traversal In MeterSpere allows file upload to any path)

CVE-2022-46180 (LiuOS vulnerable to Authorization Bypass through User-Controlled Key)

CVE-2022-46181 (Arbitrary HTML injection in discourse-mermaid-theme-component)

CVE-2022-46182 (Gotify server XSS vulnerability in the application image file upload)

CVE-2022-46183 (N/A)

CVE-2022-46184 (N/A)

CVE-2022-46185 (N/A)

CVE-2022-46186 (N/A)

CVE-2022-46187 (N/A)

CVE-2022-46188 (N/A)

CVE-2022-46189 (N/A)

CVE-2022-46190 (N/A)

CVE-2022-46191 (N/A)

CVE-2022-46192 (N/A)

CVE-2022-46193 (N/A)

CVE-2022-46194 (N/A)

CVE-2022-46195 (N/A)

CVE-2022-46196 (N/A)

CVE-2022-46197 (N/A)