CVE-2022-30xxx

There are 716 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2022-30000 Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt...
E
CVE-2022-30001 Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id...
E
CVE-2022-30002 Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nomine...
E
CVE-2022-30003 Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing at...
E
CVE-2022-30004 Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vul...
E
CVE-2022-30007 GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template mana...
E
CVE-2022-30011 In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injec...
E
CVE-2022-30012 In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities ...
E
CVE-2022-30013 A stored cross-site scripting (XSS) vulnerability in the upload function of totaljs CMS 3.4.5 allows...
E
CVE-2022-30014 Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which ...
E
CVE-2022-30015 In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fiel...
E
CVE-2022-30016 Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Access Control via http://localhost...
E
CVE-2022-30017 Rescue Dispatch Management System 1.0 suffers from Stored XSS, leading to admin account takeover via...
E
CVE-2022-30018 Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials, Storing Pass...
E
CVE-2022-30023 Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping func...
E
CVE-2022-30024 A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices all...
CVE-2022-30025 SQL injection in "/Framewrk/Home.jsp" file (POST method) in tCredence Analytics iDEAL Wealth and Fun...
E
CVE-2022-30028 Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing ...
CVE-2022-30033 Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the function setIPv6Status() in htt...
E M
CVE-2022-30034 Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to...
E
CVE-2022-30036 MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position ...
E
CVE-2022-30037 XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers...
E
CVE-2022-30040 Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / ...
E
CVE-2022-30045 An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect...
E
CVE-2022-30047 Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExclu...
E
CVE-2022-30048 Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI v...
E
CVE-2022-30049 A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP addres...
E
CVE-2022-30050 Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php....
E
CVE-2022-30052 In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks....
E
CVE-2022-30053 In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attack...
E
CVE-2022-30054 In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks....
E
CVE-2022-30055 Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Exe...
E
CVE-2022-30057 Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability....
E
CVE-2022-30058 Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Download vulnerability via the neirong ...
E
CVE-2022-30059 Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Delete vulnerability via the neirong pa...
E
CVE-2022-30060 ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...
E
CVE-2022-30061 ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp....
E
CVE-2022-30062 ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php...
E
CVE-2022-30063 ftcms <=2.1 was discovered to be vulnerable to code execution attacks ....
E
CVE-2022-30065 A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code executi...
E
CVE-2022-30067 GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program ...
E
CVE-2022-30072 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\pages\sections_save.php namese...
E
CVE-2022-30073 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php....
E
CVE-2022-30075 In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interfac...
E
CVE-2022-30076 ENTAB ERP 1.0 allows attackers to discover users' full names via a brute force attack with a series ...
E
CVE-2022-30078 NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions ...
E
CVE-2022-30079 Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.1...
E
CVE-2022-30083 EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears...
E
CVE-2022-30105 In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible befo...
E
CVE-2022-30110 The file preview functionality in Jirafeau < 4.4.0, which is enabled by default, could be exploited ...
S
CVE-2022-30111 Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to ...
E
CVE-2022-30113 Electronic mall system 1.0_build20200203 is vulnerable to SQL Injection....
CVE-2022-30114 A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmwa...
E
CVE-2022-30115 Using its HSTS support, curl can be instructed to use HTTPS directly instead of using an insecure cle...
E S
CVE-2022-30117 Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/sys...
CVE-2022-30118 Title for CVE: XSS in /dashboard/system/express/entities/forms/save_control/[GUID]: old browsers onl...
CVE-2022-30119 XSS in /dashboard/reports/logs/view - old browsers only. When using Internet Explorer with the XSS p...
CVE-2022-30120 XSS in /dashboard/blocks/stacks/view_details/ - old browsers only. When using an older browser with ...
CVE-2022-30121 The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to lau...
CVE-2022-30122 A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the mul...
CVE-2022-30123 A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow ...
CVE-2022-30124 An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed...
E
CVE-2022-30126 Apache Tika Regular Expression Denial of Service in Standards Extractor
M
CVE-2022-30127 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
S
CVE-2022-30128 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
S
CVE-2022-30129 Visual Studio Code Remote Code Execution Vulnerability
E S
CVE-2022-30130 .NET Framework Denial of Service Vulnerability
CVE-2022-30131 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
S
CVE-2022-30132 Windows Container Manager Service Elevation of Privilege Vulnerability
S
CVE-2022-30133 Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
CVE-2022-30134 Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-30135 Windows Media Center Elevation of Privilege Vulnerability
S
CVE-2022-30136 Windows Network File System Remote Code Execution Vulnerability
S
CVE-2022-30137 Azure Service Fabric Container Elevation of Privilege Vulnerability
S
CVE-2022-30138 Windows Print Spooler Elevation of Privilege Vulnerability
S
CVE-2022-30139 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2022-30140 Windows iSCSI Discovery Service Remote Code Execution Vulnerability
S
CVE-2022-30141 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2022-30142 Windows File History Remote Code Execution Vulnerability
S
CVE-2022-30143 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2022-30144 Windows Bluetooth Service Remote Code Execution Vulnerability
CVE-2022-30145 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
S
CVE-2022-30146 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2022-30147 Windows Installer Elevation of Privilege Vulnerability
S
CVE-2022-30148 Windows Desired State Configuration (DSC) Information Disclosure Vulnerability
S
CVE-2022-30149 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2022-30150 Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability
S
CVE-2022-30151 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
S
CVE-2022-30152 Windows Network Address Translation (NAT) Denial of Service Vulnerability
S
CVE-2022-30153 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2022-30154 Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability
S
CVE-2022-30155 Windows Kernel Denial of Service Vulnerability
S
CVE-2022-30157 Microsoft SharePoint Server Remote Code Execution Vulnerability
S
CVE-2022-30158 Microsoft SharePoint Server Remote Code Execution Vulnerability
S
CVE-2022-30159 Microsoft Office Information Disclosure Vulnerability
S
CVE-2022-30160 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
S
CVE-2022-30161 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2022-30162 Windows Kernel Information Disclosure Vulnerability
S
CVE-2022-30163 Windows Hyper-V Remote Code Execution Vulnerability
S
CVE-2022-30164 Kerberos AppContainer Security Feature Bypass Vulnerability
S
CVE-2022-30165 Windows Kerberos Elevation of Privilege Vulnerability
S
CVE-2022-30166 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
S
CVE-2022-30167 AV1 Video Extension Remote Code Execution Vulnerability
S
CVE-2022-30168 Microsoft Photos App Remote Code Execution Vulnerability
S
CVE-2022-30170 Windows Credential Roaming Service Elevation of Privilege Vulnerability
CVE-2022-30171 Microsoft Office Information Disclosure Vulnerability
S
CVE-2022-30172 Microsoft Office Information Disclosure Vulnerability
S
CVE-2022-30173 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2022-30174 Microsoft Office Remote Code Execution Vulnerability
S
CVE-2022-30175 Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-30176 Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-30177 Azure RTOS GUIX Studio Remote Code Execution Vulnerability
S
CVE-2022-30178 Azure RTOS GUIX Studio Remote Code Execution Vulnerability
S
CVE-2022-30179 Azure RTOS GUIX Studio Remote Code Execution Vulnerability
S
CVE-2022-30180 Azure RTOS GUIX Studio Information Disclosure Vulnerability
S
CVE-2022-30181 Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-30184 .NET and Visual Studio Information Disclosure Vulnerability
S
CVE-2022-30187 Azure Storage Library Information Disclosure Vulnerability
CVE-2022-30188 HEVC Video Extensions Remote Code Execution Vulnerability
S
CVE-2022-30189 Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability
S
CVE-2022-30190 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
KEV E S
CVE-2022-30192 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
S
CVE-2022-30193 AV1 Video Extension Remote Code Execution Vulnerability
S
CVE-2022-30194 Windows WebBrowser Control Remote Code Execution Vulnerability
CVE-2022-30196 Windows Secure Channel Denial of Service Vulnerability
CVE-2022-30197 Windows Kernel Information Disclosure Vulnerability
CVE-2022-30198 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
S
CVE-2022-30200 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30202 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-30203 Windows Boot Manager Security Feature Bypass Vulnerability
CVE-2022-30205 Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-30206 Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-30208 Windows Security Account Manager (SAM) Denial of Service Vulnerability
CVE-2022-30209 Windows IIS Server Elevation of Privilege Vulnerability
CVE-2022-30211 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2022-30212 Windows Connected Devices Platform Service Information Disclosure Vulnerability
CVE-2022-30213 Windows GDI+ Information Disclosure Vulnerability
CVE-2022-30214 Windows DNS Server Remote Code Execution Vulnerability
CVE-2022-30215 Active Directory Federation Services Elevation of Privilege Vulnerability
CVE-2022-30216 Windows Server Service Tampering Vulnerability
CVE-2022-30220 Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-30221 Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-30222 Windows Shell Remote Code Execution Vulnerability
CVE-2022-30223 Windows Hyper-V Information Disclosure Vulnerability
CVE-2022-30224 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-30225 Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability
CVE-2022-30226 Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-30228 A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM G...
S
CVE-2022-30229 A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM G...
S
CVE-2022-30230 A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM G...
S
CVE-2022-30231 A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM G...
S
CVE-2022-30232 A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code exec...
S
CVE-2022-30233 A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciou...
M
CVE-2022-30234 A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be ...
M
CVE-2022-30235 A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could...
M
CVE-2022-30236 A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unautho...
M
CVE-2022-30237 A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication...
M
CVE-2022-30238 A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over th...
M
CVE-2022-30239 An argument injection vulnerability in the browser-based authentication component of the Magnitude S...
CVE-2022-30240 An argument injection vulnerability in the browser-based authentication component of the Magnitude S...
CVE-2022-30241 The jquery.json-viewer library through 1.4.0 for Node.js does not properly escape characters such as...
S
CVE-2022-30242 Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuratio...
CVE-2022-30243 Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from rem...
CVE-2022-30244 Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming ...
CVE-2022-30245 Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote us...
CVE-2022-30256 An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended do...
CVE-2022-30257 An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended ...
CVE-2022-30258 An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended ...
CVE-2022-30260 Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity ...
CVE-2022-30262 The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They...
M
CVE-2022-30264 The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operati...
M
CVE-2022-30269 Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom appl...
M
CVE-2022-30270 The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on ...
M
CVE-2022-30271 The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initializatio...
M
CVE-2022-30272 The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the ST...
M
CVE-2022-30273 The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three securi...
M
CVE-2022-30274 The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an...
M
CVE-2022-30275 The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It utilizes ...
M
CVE-2022-30276 The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They...
M
CVE-2022-30277 BD Synapsys™ – Insufficient Session Expiration
S
CVE-2022-30278 A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthe...
CVE-2022-30279 An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging ...
CVE-2022-30280 /SecurityManagement/html/createuser.jsf in Nokia NetAct 22 allows CSRF. A remote attacker is able to...
E
CVE-2022-30283 In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB tra...
CVE-2022-30284 In the python-libnmap package through 0.7.2 for Python, remote command execution can occur (if used ...
E M
CVE-2022-30285 In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during a...
CVE-2022-30286 pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read P...
E S
CVE-2022-30287 Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an...
E
CVE-2022-30288 Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an applicat...
E
CVE-2022-30289 A stored Cross-site Scripting (XSS) vulnerability was identified in the Data Import functionality of...
CVE-2022-30290 In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile e...
CVE-2022-30292 Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack...
S
CVE-2022-30293 In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::Text...
E S
CVE-2022-30294 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-30293. Reason: This candidat...
R
CVE-2022-30295 uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may le...
CVE-2022-30296 Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all ver...
CVE-2022-30297 Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user t...
CVE-2022-30298 An improper privilege management vulnerability [CWE-269] in Fortinet FortiSOAR before 7.2.1 allows a...
CVE-2022-30299 A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6....
S
CVE-2022-30300 A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3....
S
CVE-2022-30301 A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5...
S
CVE-2022-30302 Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0....
S
CVE-2022-30303 An improper neutralization of special elements used in an os command ('OS Command Injection') [CWE-7...
S
CVE-2022-30304 An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyz...
S
CVE-2022-30305 An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3....
S
CVE-2022-30306 A stack-based buffer overflow vulnerability [CWE-121] in the CA sign functionality of FortiWeb versi...
S
CVE-2022-30307 A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and b...
S
CVE-2022-30308 FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability
CVE-2022-30309 FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability
CVE-2022-30310 FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability
CVE-2022-30311 FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability
CVE-2022-30312 The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive Informa...
CVE-2022-30313 Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical F...
M
CVE-2022-30314 Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052,...
M
CVE-2022-30315 Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification ...
M
CVE-2022-30316 Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. Accor...
M
CVE-2022-30317 Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. Accordi...
M
CVE-2022-30318 Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there...
CVE-2022-30319 Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2...
CVE-2022-30320 Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. A...
CVE-2022-30321 go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink...
CVE-2022-30322 go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed mal...
CVE-2022-30323 go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6...
CVE-2022-30324 HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabil...
CVE-2022-30325 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for ...
CVE-2022-30326 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key fiel...
CVE-2022-30327 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable...
E
CVE-2022-30328 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup...
CVE-2022-30329 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability e...
CVE-2022-30330 In the KeepKey firmware before 7.3.2, flaws in the supervisor interface can be exploited to bypass im...
E S
CVE-2022-30331 The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation of a query (in the ...
CVE-2022-30332 In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provide...
CVE-2022-30333 RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an ex...
KEV E S
CVE-2022-30334 Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer...
E S
CVE-2022-30335 Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supp...
CVE-2022-30337 WordPress WP Meta SEO plugin <= 4.4.8 - Social Settings Update via Cross-Site Request Forgery (CSRF) vulnerability
S
CVE-2022-30338 Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an a...
CVE-2022-30339 Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.457...
CVE-2022-30349 siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS)....
E
CVE-2022-30350 Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to Information Leak / Disclosur...
E
CVE-2022-30351 PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly...
CVE-2022-30352 phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data ...
E
CVE-2022-30354 OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET reques...
E
CVE-2022-30355 OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to ...
CVE-2022-30356 OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request ...
E
CVE-2022-30357 OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to ...
E
CVE-2022-30358 OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to ...
E
CVE-2022-30359 OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET reques...
E
CVE-2022-30360 OvalEdge 5.2.8.0 and earlier is affected by multiple Stored XSS (AKA Persistent or Type II) vulnerab...
E
CVE-2022-30361 OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET reques...
E
CVE-2022-30367 Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delet...
E
CVE-2022-30370 Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete...
E
CVE-2022-30371 Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_carg...
E
CVE-2022-30372 Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete...
E
CVE-2022-30373 Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_ca...
E
CVE-2022-30374 Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/ma...
E
CVE-2022-30375 Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Ma...
E
CVE-2022-30376 Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/memb...
E
CVE-2022-30378 Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?pag...
E
CVE-2022-30379 Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?pag...
E
CVE-2022-30381 Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?...
E
CVE-2022-30384 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?...
E
CVE-2022-30385 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?...
E
CVE-2022-30386 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?...
E
CVE-2022-30387 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?...
CVE-2022-30391 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?...
E
CVE-2022-30392 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?...
E
CVE-2022-30393 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product...
E
CVE-2022-30395 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?...
E
CVE-2022-30396 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=invento...
E
CVE-2022-30398 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/...
E
CVE-2022-30399 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=mainten...
E
CVE-2022-30400 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_o...
E
CVE-2022-30401 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=...
E
CVE-2022-30402 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=mainten...
E
CVE-2022-30403 Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=....
E
CVE-2022-30404 College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/d...
CVE-2022-30407 Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inve...
E
CVE-2022-30408 Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master...
E
CVE-2022-30411 Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=in...
E
CVE-2022-30412 Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individu...
E
CVE-2022-30413 Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master...
E
CVE-2022-30414 Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=ap...
E
CVE-2022-30415 Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applicat...
E
CVE-2022-30417 Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=use...
E
CVE-2022-30421 Improper Authentication vulnerability in Toshiba Storage Security Software V1.2.0.7413 is that allow...
E
CVE-2022-30422 Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerab...
E M
CVE-2022-30423 Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in th...
E
CVE-2022-30425 Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerabilit...
E
CVE-2022-30426 There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI...
E
CVE-2022-30427 In ginadmin through 05-10-2022 the incoming path value is not filtered, resulting in directory trave...
E
CVE-2022-30428 In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file...
E
CVE-2022-30429 Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role...
E
CVE-2022-30448 Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload...
E
CVE-2022-30449 Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injecti...
E
CVE-2022-30450 A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php...
E
CVE-2022-30451 An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1...
E
CVE-2022-30452 ShopWind <= v3.4.2 has a SQL injection vulnerability in Database.php...
E
CVE-2022-30453 ShopWind <= 3.4.2 has a RCE vulnerability in Database.php...
E
CVE-2022-30454 Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f...
E
CVE-2022-30455 Badminton Center Management System 1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f...
E
CVE-2022-30456 Badminton Center Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /bcms/classes...
E
CVE-2022-30457 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-30458 Automotive Shop Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /asms/classes...
E
CVE-2022-30459 ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simple_chat_bot/clas...
E
CVE-2022-30460 Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /sns/classes/User...
E
CVE-2022-30461 Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=d...
E
CVE-2022-30462 Water-billing-management-system v1.0 is affected by: Cross Site Scripting (XSS) via /wbms/classes/Us...
E
CVE-2022-30463 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f...
E
CVE-2022-30464 ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to Cross Site Scripting (XSS) via /simple_...
E
CVE-2022-30466 joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture-re...
E
CVE-2022-30467 Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote attac...
E
CVE-2022-30469 In Afian Filerun 20220202, lack of sanitization of the POST parameter "metadata[]" in `/?module=file...
E
CVE-2022-30470 In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploa...
CVE-2022-30472 Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in fun...
E
CVE-2022-30473 Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in fu...
E
CVE-2022-30474 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the http...
E
CVE-2022-30475 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overfl...
E
CVE-2022-30476 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overfl...
E
CVE-2022-30477 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overfl...
E
CVE-2022-30478 Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in \search_pro...
E
CVE-2022-30481 Food-order-and-table-reservation-system- 1.0 is vulnerable to SQL Injection in categorywise-menu.php...
E
CVE-2022-30482 Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting (XSS) ...
E
CVE-2022-30489 WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostna...
E
CVE-2022-30490 Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/a...
E
CVE-2022-30493 In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind S...
E
CVE-2022-30494 In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from...
E
CVE-2022-30495 In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR - B...
E
CVE-2022-30496 SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL ...
E
CVE-2022-30500 Jfinal cms 5.1.0 is vulnerable to SQL Injection....
E
CVE-2022-30503 Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number a...
S
CVE-2022-30506 An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute...
E
CVE-2022-30508 DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via th...
E
CVE-2022-30510 School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_r...
E
CVE-2022-30511 School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:...
E
CVE-2022-30512 School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.p...
E
CVE-2022-30513 School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via ad...
E
CVE-2022-30514 School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via ad...
E
CVE-2022-30515 ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an at...
E
CVE-2022-30516 In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL...
E
CVE-2022-30517 Mogu blog 5.2 is vulnerable to Cross Site Scripting (XSS)....
E
CVE-2022-30518 ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerab...
E
CVE-2022-30519 XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker t...
E
CVE-2022-30521 The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link...
E
CVE-2022-30522 mod_sed denial of service
CVE-2022-30523 Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Followi...
CVE-2022-30524 There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because th...
E
CVE-2022-30525 A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5...
KEV E
CVE-2022-30526 A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firm...
E
CVE-2022-30527 A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application ass...
S
CVE-2022-30528 SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th ...
E
CVE-2022-30529 File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 20...
E
CVE-2022-30530 Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may allow an authen...
S
CVE-2022-30531 Out-of-bounds read in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1474 ma...
CVE-2022-30532 In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus D...
CVE-2022-30533 Cross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows rem...
CVE-2022-30534 An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AV...
CVE-2022-30535 NGINX Ingress Controller vulnerability CVE-2022-30535
CVE-2022-30536 WordPress WP Maintenance plugin <= 6.0.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
S
CVE-2022-30537 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i...
R
CVE-2022-30538 Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-...
CVE-2022-30539 Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to pote...
CVE-2022-30540 Horner Automation Cscape Csfont
S
CVE-2022-30541 An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems, Inc...
E
CVE-2022-30542 Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server Sy...
S
CVE-2022-30543 A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InR...
E
CVE-2022-30544 WordPress OSM – OpenStreetMap Plugin <= 6.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2022-30545 WordPress 5 Anker Connect plugin <= 1.2.6 - Reflected Cross-Site Scripting (XSS) vulnerability
S
CVE-2022-30546 Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-S...
CVE-2022-30547 A directory traversal vulnerability exists in the unzipDirectory functionality of WWBN AVideo 11.6 a...
E
CVE-2022-30548 Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to p...
CVE-2022-30549 Out-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13....
CVE-2022-30550 An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb ...
S
CVE-2022-30551 OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing me...
S
CVE-2022-30552 Das U-Boot 2022.01 has a Buffer Overflow....
CVE-2022-30556 Information Disclosure in mod_lua with websockets
CVE-2022-30557 Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash becaus...
S
CVE-2022-30560 When an attacker obtaining the administrative account and password, or through a man-in-the-middle a...
CVE-2022-30561 When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging i...
CVE-2022-30562 If the user enables the https function on the device, an attacker can modify the user’s request data...
CVE-2022-30563 When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging i...
CVE-2022-30564 Some Dahua embedded products have a vulnerability of unauthorized modification of the device timesta...
CVE-2022-30570 TIBCO Data Virtualization Access Control Vulnerability
S
CVE-2022-30571 TIBCO iWay Service Manager Reflected Cross Site Scripting (XSS) Vulnerability
S
CVE-2022-30572 TIBCO iWay Service Manager Directory Traversal Vulnerability
S
CVE-2022-30573 TIBCO FTL Privilege Escalation
S
CVE-2022-30574 TIBCO eFTL Secret Jacking
S
CVE-2022-30575 TIBCO Statistica Reflected Cross Site Scripting (XSS) Vulnerability
S
CVE-2022-30576 TIBCO Statistica Stored Cross Site Scripting (XSS) Vulnerability
S
CVE-2022-30577 TIBCO EBX Stored XSS vulnerability
S
CVE-2022-30578 TIBCO EBX Add-ons Stored XSS vulnerability
S
CVE-2022-30579 TIBCO Spotfire Server Blind SSRF vulnerability
S
CVE-2022-30580 Empty Cmd.Path can trigger unintended binary in os/exec on Windows
S
CVE-2022-30584 Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within ...
CVE-2022-30585 The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerab...
CVE-2022-30586 Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution....
CVE-2022-30587 Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to information disclosure...
CVE-2022-30591 quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a ...
E
CVE-2022-30592 liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACIT...
S
CVE-2022-30594 The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows att...
E S
CVE-2022-30595 libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TG...
E
CVE-2022-30596 A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments re...
S
CVE-2022-30597 A flaw was found in moodle where the description user field was not hidden when being set as a hidde...
S
CVE-2022-30598 A flaw was found in moodle where global search results could include author information on some acti...
S
CVE-2022-30599 A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to con...
S
CVE-2022-30600 A flaw was found in moodle where logic used to count failed login attempts could result in the accou...
S
CVE-2022-30601 Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow ...
M
CVE-2022-30602 Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remot...
CVE-2022-30603 An OS command injection vulnerability exists in the web interface /action/iperf functionality of Abo...
E
CVE-2022-30604 Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allo...
CVE-2022-30605 A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and ...
E
CVE-2022-30606 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i...
R
CVE-2022-30607 IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability...
S
CVE-2022-30608 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allo...
S
CVE-2022-30610 IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where...
S
CVE-2022-30611 IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, ca...
S
CVE-2022-30613 IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged...
S
CVE-2022-30614 IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a denial of service via email flood...
S
CVE-2022-30615 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability al...
S
CVE-2022-30616 IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to elevate t...
CVE-2022-30617 An authenticated user with access to the Strapi admin panel can view private and sensitive data, suc...
CVE-2022-30618 An authenticated user with access to the Strapi admin panel can view private and sensitive data, suc...
CVE-2022-30619 Agile Point - Agile Point NX SQL injection (SQLi)
S
CVE-2022-30620 Cellinx NVT – IP PTZ Camera Privilege Escalation
CVE-2022-30621 Cellinx NVT – IP PTZ Camera local file inclusion
CVE-2022-30622 Chcnav - P5E GNSS Information disclosure
CVE-2022-30623 Chcnav - P5E GNSS Authentication bypass
CVE-2022-30624 Chcnav - P5E GNSS Authentication bypass admin password reset
CVE-2022-30625 Chcnav - P5E GNSS Directory listing
CVE-2022-30626 Chcnav - P5E GNSS API not secure
CVE-2022-30627 Chcnav - P5E GNSS Information disclosure hard coded credentials.
CVE-2022-30628 Supersmart.me – Walk Through access to business information without authentication
S
CVE-2022-30629 Session tickets lack random ticket_age_add in crypto/tls
E S
CVE-2022-30630 Stack exhaustion in Glob on certain paths in io/fs
S
CVE-2022-30631 Stack exhaustion when reading certain archives in compress/gzip
S
CVE-2022-30632 Stack exhaustion on crafted paths in path/filepath
S
CVE-2022-30633 Stack exhaustion when unmarshaling certain documents in encoding/xml
S
CVE-2022-30634 Indefinite hang with large buffers on Windows in crypto/rand
E S
CVE-2022-30635 Stack exhaustion when decoding certain messages in encoding/gob
S
CVE-2022-30636 Limited directory traversal vulnerability on Windows in golang.org/x/crypto
CVE-2022-30637 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30638 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30639 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30640 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30641 Adobe Illustrator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30642 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30643 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30644 Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability
S
CVE-2022-30645 Adobe Illustrator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30646 Adobe Illustrator Font Parsing Out-of-bounds Write Remote Code Execution Vulnerability
S
CVE-2022-30647 Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability
S
CVE-2022-30648 Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability
S
CVE-2022-30649 Adobe Illustrator Out-of-bounds Write could lead to Arbitrary code execution
S
CVE-2022-30650 Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2022-30651 Adobe InCopy Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
CVE-2022-30652 Adobe InCopy SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30653 Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30654 Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2022-30655 Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability
CVE-2022-30656 Adobe InCopy PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30657 Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability
CVE-2022-30658 Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2022-30659 Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30660 Adobe InDesign PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30661 Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2022-30662 Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30663 Adobe InDesign SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30664 Adobe Animate SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30665 Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2022-30666 Adobe Illustrator Out-of-bounds Read Vulnerability could lead to Memory Leak
S
CVE-2022-30667 Adobe Illustrator Out-of-bounds Read Vulnerability could lead to Memory Leak
S
CVE-2022-30668 Adobe Illustrator Out-of-bounds Read Vulnerability could lead to Memory Leak
S
CVE-2022-30669 Adobe Illustrator Out-of-bounds Read Vulnerability could lead to Memory Leak
S
CVE-2022-30670 Escalate Privileges to Server Admin - Robohelp Server
CVE-2022-30671 Adobe InDesign 2022 Out-of-Bound Read Memory leak
CVE-2022-30672 Adobe InDesign 2022 Out-of-Bound Read Memory leak
CVE-2022-30673 Adobe InDesign 2022 Out-of-Bound Read Memory leak
CVE-2022-30674 Adobe InDesign 2022 Out-of-Bound Read Memory leak
CVE-2022-30675 Adobe InDesign 2022 Out-of-Bound Read Memory leak
CVE-2022-30676 Adobe InDesign 2022 Out-of-Bound Read Memory leak
CVE-2022-30677 AEM Reflected XSS Arbitrary code execution
CVE-2022-30678 AEM Reflected XSS Arbitrary code execution
CVE-2022-30679 AEM Reflected XSS Arbitrary code execution
CVE-2022-30680 AEM Reflected XSS Arbitrary code execution
CVE-2022-30681 AEM Reflected XSS Arbitrary code execution
CVE-2022-30682 AEM Reflected XSS Arbitrary code execution
CVE-2022-30683 AEM Violation of Secure Design Principles Security feature bypass
CVE-2022-30684 AEM Reflected XSS Arbitrary code execution
CVE-2022-30685 AEM Reflected XSS Arbitrary code execution
CVE-2022-30686 AEM Reflected XSS Arbitrary code execution
CVE-2022-30687 Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a...
CVE-2022-30688 needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the...
S
CVE-2022-30689 HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not correctly configure and enforce M...
CVE-2022-30690 A cross-site scripting (XSS) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 ...
E
CVE-2022-30691 Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.2...
CVE-2022-30692 Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthen...
S
CVE-2022-30693 Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 a...
CVE-2022-30694 The login endpoint /FormLogin in affected web services does not apply proper origin checking. Thi...
S
CVE-2022-30695 Local privilege escalation due to excessive permissions assigned to child processes
CVE-2022-30696 Local privilege escalation due to a DLL hijacking vulnerability
CVE-2022-30697 Local privilege escalation due to insecure folder permissions
CVE-2022-30698 Novel "ghost domain names" attack by introducing subdomain delegations
CVE-2022-30699 Novel "ghost domain names" attack by updating almost expired delegation information
CVE-2022-30700 An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service c...
CVE-2022-30701 An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service ...
CVE-2022-30702 Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Dis...
CVE-2022-30703 Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerabi...
CVE-2022-30704 Improper initialization in the Intel(R) TXT SINIT ACM for some Intel(R) Processors may allow a privi...
CVE-2022-30705 WordPress WordPress Ping Optimizer Plugin <= 2.35.1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)
S
CVE-2022-30706 Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker...
CVE-2022-30707 Violation of secure design principles exists in the communication of CAMS for HIS. Affected products...
CVE-2022-30708 Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has...
E S
CVE-2022-30709 Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows...
CVE-2022-30710 Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to...
CVE-2022-30711 Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to l...
CVE-2022-30712 Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to ...
CVE-2022-30713 Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to...
CVE-2022-30714 Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local att...
CVE-2022-30715 Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers ...
CVE-2022-30716 Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 a...
CVE-2022-30717 Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to u...
CVE-2022-30719 Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Releas...
CVE-2022-30720 Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Releas...
CVE-2022-30721 Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Releas...
CVE-2022-30722 Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows at...
CVE-2022-30723 Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in ...
CVE-2022-30724 Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in ...
CVE-2022-30725 Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in ...
CVE-2022-30726 Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SM...
CVE-2022-30727 Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in Perso...
CVE-2022-30728 Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attacker...
CVE-2022-30729 Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1 allows attackers...
CVE-2022-30730 Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to access account...
CVE-2022-30731 Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to a...
CVE-2022-30732 Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows...
CVE-2022-30733 Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows a...
CVE-2022-30734 Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows ...
CVE-2022-30735 Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers t...
CVE-2022-30736 Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers t...
CVE-2022-30737 Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attacke...
CVE-2022-30738 Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address ba...
CVE-2022-30739 Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers t...
CVE-2022-30740 Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attacker...
CVE-2022-30741 Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2....
CVE-2022-30742 Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24....
CVE-2022-30743 Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers t...
CVE-2022-30744 DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows att...
CVE-2022-30745 Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to ac...
CVE-2022-30746 Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access sensitive i...
CVE-2022-30747 PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to a...
CVE-2022-30748 Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch a...
CVE-2022-30749 Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to a...
CVE-2022-30750 Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient p...
CVE-2022-30751 Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to S...
CVE-2022-30752 Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to S...
CVE-2022-30753 Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 al...
CVE-2022-30754 Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allows at...
CVE-2022-30755 Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to ...
CVE-2022-30756 Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allows attac...
CVE-2022-30757 Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CI...
CVE-2022-30758 Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allows attac...
CVE-2022-30759 In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited...
E
CVE-2022-30760 An Insecure Direct Object Reference (IDOR) issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allo...
E
CVE-2022-30763 Janet before 1.22.0 mishandles arrays....
E
CVE-2022-30765 Calibre-Web before 0.6.18 allows user table SQL Injection....
CVE-2022-30767 nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbound...
E S
CVE-2022-30768 A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows an attacker to execute HTML o...
CVE-2022-30769 Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to ...
CVE-2022-30770 Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to ver...
E
CVE-2022-30771 Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI funct...
CVE-2022-30772 Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRA...
CVE-2022-30773 DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after para...
CVE-2022-30774 DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parame...
CVE-2022-30775 xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (fo...
E
CVE-2022-30776 atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter....
CVE-2022-30777 Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter....
CVE-2022-30778 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-30779 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-30780 Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumptio...
E S
CVE-2022-30781 Gitea before 1.16.7 does not escape git fetch remote....
E S
CVE-2022-30782 Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cr...
S
CVE-2022-30783 An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic betw...
CVE-2022-30784 A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8...
CVE-2022-30785 A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary mem...
CVE-2022-30786 A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G th...
CVE-2022-30787 An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through...
CVE-2022-30788 A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through...
CVE-2022-30789 A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3...
CVE-2022-30790 Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552....
E
CVE-2022-30791 CODESYS V3: CmpBlkDrvTcp allows unauthenticated attackers to block all its available TCP connections
CVE-2022-30792 CODESYS: CmpChannelServer, CmpChannelServerEmbedded allow unauthenticated attackers to block all their available communication channels
CVE-2022-30794 Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails....
CVE-2022-30795 Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.p...
E
CVE-2022-30797 Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php....
E
CVE-2022-30798 Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php....
E
CVE-2022-30799 Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php....
E
CVE-2022-30804 elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=....
E
CVE-2022-30808 elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php....
E
CVE-2022-30809 elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=....
E
CVE-2022-30810 elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php....
E
CVE-2022-30813 elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php....
E
CVE-2022-30814 elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php....
E
CVE-2022-30815 elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar=...
E
CVE-2022-30816 elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php....
E
CVE-2022-30817 Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php....
E
CVE-2022-30818 Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blog_eve...
E
CVE-2022-30819 In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture up...
E
CVE-2022-30820 In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload po...
E
CVE-2022-30821 In Wedding Management System v1.0, the editing function of the "Services" module in the background m...
E
CVE-2022-30822 In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture up...
E
CVE-2022-30823 Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blog_events_edit.php....
E
CVE-2022-30825 Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php....
E
CVE-2022-30826 Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php....
E
CVE-2022-30827 Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php....
E
CVE-2022-30828 Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php....
E
CVE-2022-30829 Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php....
E
CVE-2022-30830 Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php....
E
CVE-2022-30831 Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details...
E
CVE-2022-30832 Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_a...
E
CVE-2022-30833 Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_e...
E
CVE-2022-30834 Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_m...
E
CVE-2022-30835 Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/budget....
E
CVE-2022-30836 Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/admin/select.p...
E
CVE-2022-30837 Toll-tax-management-system v1.0 is vulnerable to Cross Site Scripting (XSS) via /ttms/classes/Master...
E
CVE-2022-30838 Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master...
E
CVE-2022-30839 Room-rent-portal-site v1.0 is vulnerable to Cross Site Scripting (XSS) via /rrps/classes/Master.php?...
E
CVE-2022-30842 Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ctpms/c...
E
CVE-2022-30843 Room-rent-portal-site v1.0 is vulnerable to SQL Injection via /rrps/classes/Master.php?f=delete_cate...
E
CVE-2022-30852 Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR)....
E S
CVE-2022-30858 An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc...
E
CVE-2022-30860 FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administra...
E
CVE-2022-30861 FUDforum 3.1.2 is vulnerable to Stored XSS via Forum Name field in Forum Manager Feature....
E
CVE-2022-30863 FUDForum 3.1.2 is vulnerable to Cross Site Scripting (XSS) via page_title param in Page Manager in t...
E
CVE-2022-30874 There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02....
E
CVE-2022-30875 Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page....
CVE-2022-30877 The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third ...
E
CVE-2022-30882 pyanxdns package in PyPI version 0.2 is vulnerable to code execution backdoor. The impact is: execut...
E
CVE-2022-30885 The pyesasky for python, as distributed on PyPI, included a code-execution backdoor inserted by a th...
E
CVE-2022-30886 School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via ...
E
CVE-2022-30887 Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerabilit...
E
CVE-2022-30898 A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote at...
E
CVE-2022-30899 A Cross Site Scripting vulnerability exists in PartKeepr 1.4.0 via the 'name' field in /api/part_cate...
CVE-2022-30903 Nokia "G-2425G-A" Bharti Airtel Routers Hardware version "3FE48299DEAA" Software Version "3FE49362IJ...
E
CVE-2022-30904 In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered du...
E
CVE-2022-30909 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD par...
E
CVE-2022-30910 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO para...
E
CVE-2022-30912 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateW...
E
CVE-2022-30913 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_s...
E
CVE-2022-30914 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateM...
E
CVE-2022-30915 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateS...
E
CVE-2022-30916 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_Set...
E
CVE-2022-30917 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddWlan...
E
CVE-2022-30918 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_Set...
E
CVE-2022-30919 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_Ba...
E
CVE-2022-30920 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_Ba...
E
CVE-2022-30921 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetMobi...
E
CVE-2022-30922 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditWla...
E
CVE-2022-30923 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_Set...
E
CVE-2022-30924 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetAPWi...
E
CVE-2022-30925 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddMacL...
E
CVE-2022-30926 H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditMac...
E
CVE-2022-30927 A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used a...
E
CVE-2022-30929 Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper....
E
CVE-2022-30930 Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF)....
E
CVE-2022-30931 Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) vi...
E
CVE-2022-30932 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-30935 An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password ...
S
CVE-2022-30937 A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 E...
S
CVE-2022-30938 A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 E...
S
CVE-2022-30943 Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remot...
CVE-2022-30944 Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow ...
M
CVE-2022-30945 Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source fi...
S
CVE-2022-30946 A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_6...
CVE-2022-30947 Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some...
CVE-2022-30948 Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out ...
CVE-2022-30949 Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out som...
CVE-2022-30950 Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which ...
CVE-2022-30951 Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does n...
CVE-2022-30952 Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configur...
CVE-2022-30953 A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier al...
CVE-2022-30954 Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP end...
CVE-2022-30955 Jenkins GitLab Plugin 1.5.31 and earlier does not perform a permission check in an HTTP endpoint, al...
CVE-2022-30956 Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissio...
CVE-2022-30957 A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Rea...
CVE-2022-30958 A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows att...
CVE-2022-30959 A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Rea...
CVE-2022-30960 Jenkins Application Detector Plugin 1.0.8 and earlier does not escape the name of Chois Application ...
CVE-2022-30961 Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape the name of Dropdown Autocompl...
CVE-2022-30962 Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and descrip...
CVE-2022-30963 Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK paramet...
CVE-2022-30964 Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Mul...
CVE-2022-30965 Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name and description of ...
CVE-2022-30966 Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of R...
CVE-2022-30967 Jenkins Selection tasks Plugin 1.0 and earlier does not escape the name and description of Script Se...
CVE-2022-30968 Jenkins vboxwrapper Plugin 1.3 and earlier does not escape the name and description of VBox node par...
CVE-2022-30969 A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and e...
CVE-2022-30970 Jenkins Autocomplete Parameter Plugin 1.1 and earlier references Dropdown Autocomplete parameter and...
CVE-2022-30971 Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML ext...
CVE-2022-30972 A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier...
CVE-2022-30973 Missing fix for CVE-2022-30126 in 1.28.2
M
CVE-2022-30974 compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited ...
E S
CVE-2022-30975 In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonst...
E S
CVE-2022-30976 GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, r...
E S
CVE-2022-30981 An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker...
CVE-2022-30982 An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description...
E
CVE-2022-30984 A buffer overflow vulnerability in the Rubrik Backup Service (RBS) Agent for Linux or Unix-based sys...
CVE-2022-30990 Sensitive information disclosure due to insecure folder permissions
S
CVE-2022-30991 HTML injection via report name
S
CVE-2022-30992 Open redirect via user-controlled query parameter
S
CVE-2022-30993 Cleartext transmission of sensitive information
S
CVE-2022-30994 Cleartext transmission of sensitive information
S
CVE-2022-30995 Sensitive information disclosure due to improper authentication. The following products are affected...
CVE-2022-30996 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2022-30997 Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.1...
M
CVE-2022-30998 WordPress Homepage Product Organizer for WooCommerce plugin <= 1.1 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities
CVE-2022-30999 Possible cross-site scripting attack via unsanitized SVG files in FoF Upload
E S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.