| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2022-35000 | JPEGDEC commit be4843c was discovered to contain a segmentation fault via fseek at /libio/fseek.c.... | E | |
| CVE-2022-35002 | JPEGDEC commit be4843c was discovered to contain a segmentation fault via TIFFSHORT at /src/jpeg.inl... | E | |
| CVE-2022-35003 | JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src... | E | |
| CVE-2022-35004 | JPEGDEC commit be4843c was discovered to contain a FPE via TIFFSHORT at /src/jpeg.inl.... | E | |
| CVE-2022-35007 | PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via __interceptor_fwrite.part... | E | |
| CVE-2022-35008 | PNGDec commit 8abf6be was discovered to contain a stack overflow via /linux/main.cpp.... | E | |
| CVE-2022-35009 | PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux.cp... | E | |
| CVE-2022-35010 | PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via asan_interceptors_memintr... | E | |
| CVE-2022-35011 | PNGDec commit 8abf6be was discovered to contain a global buffer overflow via inflate_fast at /src/in... | E | |
| CVE-2022-35012 | PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via SaveBMP at /linux/main.cp... | E | |
| CVE-2022-35013 | PNGDec commit 8abf6be was discovered to contain a FPE via SaveBMP at /linux/main.cpp.... | E | |
| CVE-2022-35014 | Advancecomp v2.3 contains a segmentation fault.... | E | |
| CVE-2022-35015 | Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianr... | E | |
| CVE-2022-35016 | Advancecomp v2.3 was discovered to contain a heap buffer overflow.... | E | |
| CVE-2022-35017 | Advancecomp v2.3 was discovered to contain a heap buffer overflow.... | E | |
| CVE-2022-35018 | Advancecomp v2.3 was discovered to contain a segmentation fault.... | E | |
| CVE-2022-35019 | Advancecomp v2.3 was discovered to contain a segmentation fault.... | E | |
| CVE-2022-35020 | Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_me... | E | |
| CVE-2022-35021 | OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0... | E | |
| CVE-2022-35022 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35023 | OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/li... | E | |
| CVE-2022-35024 | OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-u... | E | |
| CVE-2022-35025 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35026 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35027 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35028 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35029 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35030 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35031 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35032 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35034 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35035 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35036 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35037 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35038 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35039 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35040 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35041 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35042 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4... | E | |
| CVE-2022-35043 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35044 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35045 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35046 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35047 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35048 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35049 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35050 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35051 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35052 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35053 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35054 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35055 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35056 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35058 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35059 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35060 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35061 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35062 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35063 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35064 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4... | E | |
| CVE-2022-35065 | OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0... | E | |
| CVE-2022-35066 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35067 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35068 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35069 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35070 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6... | E | |
| CVE-2022-35080 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c... | E | |
| CVE-2022-35081 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /sr... | E | |
| CVE-2022-35085 | SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.... | E | |
| CVE-2022-35086 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-v... | E | |
| CVE-2022-35087 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /sr... | E | |
| CVE-2022-35088 | SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /ho... | E | |
| CVE-2022-35089 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at... | E | |
| CVE-2022-35090 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan... | E | |
| CVE-2022-35091 | SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::r... | E | |
| CVE-2022-35092 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /... | E | |
| CVE-2022-35093 | SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transform... | E | |
| CVE-2022-35094 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym... | E | |
| CVE-2022-35095 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3... | E | |
| CVE-2022-35096 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpol... | E | |
| CVE-2022-35097 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeT... | E | |
| CVE-2022-35098 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace:... | E | |
| CVE-2022-35099 | SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsign... | E | |
| CVE-2022-35100 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via gfxline_getbbox at /... | E | |
| CVE-2022-35101 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-ve... | E | |
| CVE-2022-35104 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset() at ... | E | |
| CVE-2022-35105 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.... | E | |
| CVE-2022-35106 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::comput... | E | |
| CVE-2022-35107 | SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vf... | E | |
| CVE-2022-35108 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via DCTStream::getChar()... | E | |
| CVE-2022-35109 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpol... | E | |
| CVE-2022-35110 | SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.... | E | |
| CVE-2022-35111 | SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode:... | E | |
| CVE-2022-35113 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via swf_DefineLosslessBits... | E | |
| CVE-2022-35114 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /rea... | E | |
| CVE-2022-35115 | IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulner... | | |
| CVE-2022-35117 | Clinic's Patient Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulne... | E | |
| CVE-2022-35118 | PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.... | | |
| CVE-2022-35120 | IXPdata EasyInstall 6.6.14725 contains an access control issue.... | E | |
| CVE-2022-35121 | Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter ... | E | |
| CVE-2022-35122 | An access control issue in Ecowitt GW1100 Series Weather Stations <=GW1100B_v2.1.5 allows unauthenti... | E | |
| CVE-2022-35131 | Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the... | E | |
| CVE-2022-35132 | Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injectio... | E | |
| CVE-2022-35133 | A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitr... | | |
| CVE-2022-35134 | Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting (XSS) vulnerability.... | E | |
| CVE-2022-35135 | Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent t... | E | |
| CVE-2022-35136 | Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests.... | E | |
| CVE-2022-35137 | DGIOT Lightweight industrial IoT v4.5.4 was discovered to contain multiple cross-site scripting (XSS... | E | |
| CVE-2022-35142 | An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload... | E S | |
| CVE-2022-35143 | Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passw... | E S | |
| CVE-2022-35144 | Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability.... | E S | |
| CVE-2022-35147 | DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request... | E | |
| CVE-2022-35148 | maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability ... | E S | |
| CVE-2022-35150 | Baijicms v4 was discovered to contain an arbitrary file upload vulnerability.... | E | |
| CVE-2022-35151 | kkFileView v4.1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via ... | E S | |
| CVE-2022-35153 | FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.... | S | |
| CVE-2022-35154 | Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value para... | E | |
| CVE-2022-35155 | Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vul... | E | |
| CVE-2022-35156 | Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searc... | E | |
| CVE-2022-35158 | A vulnerability in the lua parser of TscanCode tsclua v2.15.01 allows attackers to cause a Denial of... | E | |
| CVE-2022-35161 | GVRET Stable Release as of Aug 15, 2015 was discovered to contain a buffer overflow via the handleCo... | E | |
| CVE-2022-35162 | Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulner... | E | |
| CVE-2022-35163 | Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulner... | E | |
| CVE-2022-35164 | LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_... | E S | |
| CVE-2022-35165 | An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of S... | E | |
| CVE-2022-35166 | libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadIntern... | E | |
| CVE-2022-35167 | Printix Cloud Print Management v1.3.1149.0 for Windows was discovered to contain insecure permission... | E | |
| CVE-2022-35168 | Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can ... | | |
| CVE-2022-35169 | SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker wit... | | |
| CVE-2022-35170 | SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not suffic... | | |
| CVE-2022-35171 | When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SA... | | |
| CVE-2022-35172 | SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not suffic... | | |
| CVE-2022-35173 | An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to ... | E S | |
| CVE-2022-35174 | A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to... | E | |
| CVE-2022-35175 | Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidd... | E | |
| CVE-2022-35191 | D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticat... | | |
| CVE-2022-35192 | D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticat... | | |
| CVE-2022-35193 | TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNaviga... | E | |
| CVE-2022-35194 | TestLink v1.9.20 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /li... | E | |
| CVE-2022-35195 | TestLink 1.9.20 Raijin was discovered to contain a broken access control vulnerability at /lib/attac... | E | |
| CVE-2022-35196 | TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery (CSRF) via /lib/plan/planVie... | E | |
| CVE-2022-35198 | Contract Management System v2.0 contains a weak default password which gives attackers to access dat... | E | |
| CVE-2022-35201 | Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.... | | |
| CVE-2022-35202 | A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain (non-de... | | |
| CVE-2022-35203 | An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensi... | | |
| CVE-2022-35204 | Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a ... | E S | |
| CVE-2022-35205 | An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display... | E S | |
| CVE-2022-35206 | Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_att... | E S | |
| CVE-2022-35212 | osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting (XSS) vulnerability via... | | |
| CVE-2022-35213 | Ecommerce-CodeIgniter-Bootstrap before commit 56465f was discovered to contain a cross-site scriptin... | E S | |
| CVE-2022-35216 | ITPison OMICARD EDM - Use of Hard-coded Credentials | S | |
| CVE-2022-35217 | NHI card’s web service component - Stack-based Buffer Overflow-1 | S | |
| CVE-2022-35218 | NHI card’s web service component - Heap-based Buffer Overflow | S | |
| CVE-2022-35219 | NHI card’s web service component - Stack-based Buffer Overflow-2 | S | |
| CVE-2022-35220 | TEAMPLUS TECHNOLOGY INC. Teamplus Pro - Allocation of Resources Without Limits or Throttling-1 | S | |
| CVE-2022-35221 | TEAMPLUS TECHNOLOGY INC. Teamplus Pro - Allocation of Resources Without Limits or Throttling-2 | S | |
| CVE-2022-35222 | HiCOS Citizen verification component - Stack Buffer Overflow | S | |
| CVE-2022-35223 | EasyUse MailHunter Ultimate - Deserialization of Untrusted Data | S | |
| CVE-2022-35224 | SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently enc... | | |
| CVE-2022-35225 | SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not suffic... | | |
| CVE-2022-35226 | SAP Data Services Management allows an attacker to copy the data from a request and echoed into the ... | | |
| CVE-2022-35227 | A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently va... | | |
| CVE-2022-35228 | SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the ne... | | |
| CVE-2022-35229 | Reflected XSS in discovery page of Zabbix Frontend | S | |
| CVE-2022-35230 | Reflected XSS in graphs page of Zabbix Frontend | S | |
| CVE-2022-35234 | Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Dis... | S | |
| CVE-2022-35235 | WordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Read vulnerability | S | |
| CVE-2022-35236 | HTTP2 profile vulnerability CVE-2022-35236 | | |
| CVE-2022-35237 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-35238 | WordPress Awesome Filterable Portfolio plugin <= 1.9.7 - Unauthenticated Plugin Settings Change vulnerability | | |
| CVE-2022-35239 | The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC... | | |
| CVE-2022-35240 | BIG-IP Message Routing MQTT vulnerability CVE-2022-35240 | | |
| CVE-2022-35241 | NGINX Instance Manager vulnerability CVE-2022-35241 | | |
| CVE-2022-35242 | WordPress THE Leads Management System: 59sec LITE plugin <= 3.4.1 - Unauthenticated plugin settings change vulnerability | S | |
| CVE-2022-35243 | Authenticated iControl REST in Appliance mode vulnerability CVE-2022-35243 | | |
| CVE-2022-35244 | A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, ... | E | |
| CVE-2022-35245 | BIG-IP APM access policy vulnerability CVE-2022-35245 | | |
| CVE-2022-35246 | A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat | E | |
| CVE-2022-35247 | A information disclosure vulnerability exists in Rocket.chat | E | |
| CVE-2022-35248 | A improper authentication vulnerability exists in Rocket.Chat | E | |
| CVE-2022-35249 | A information disclosure vulnerability exists in Rocket.Chat | E | |
| CVE-2022-35250 | A privilege escalation vulnerability exists in Rocket.chat | E | |
| CVE-2022-35251 | A cross-site scripting vulnerability exists in Rocket.chat | E | |
| CVE-2022-35252 | When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using contr... | E | |
| CVE-2022-35253 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35254 | An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect ... | | |
| CVE-2022-35255 | A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with Entrop... | E | |
| CVE-2022-35256 | The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that ar... | E | |
| CVE-2022-35257 | A local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and earlier) ... | | |
| CVE-2022-35258 | An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect ... | | |
| CVE-2022-35259 | XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run ... | | |
| CVE-2022-35260 | curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 cons... | E S | |
| CVE-2022-35261 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35262 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35263 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35264 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35265 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35266 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35267 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35268 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35269 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35270 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35271 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510... | E | |
| CVE-2022-35272 | BIG-IP HTTP MRF vulnerability CVE-2022-35272 | | |
| CVE-2022-35273 | OS command injection vulnerability in GUI setting page of CentreCOM AR260S V2 firmware versions prio... | M | |
| CVE-2022-35274 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-35275 | WordPress Advanced Order Export For WooCommerce plugin <= 3.3.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability | S | |
| CVE-2022-35276 | Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBW... | S | |
| CVE-2022-35277 | WordPress GetResponse plugin <= 5.5.20 - Cross-Site Request Forgery (CSRF) vulnerability | | |
| CVE-2022-35278 | HTML Injection in ActiveMQ Artemis Web Console | M | |
| CVE-2022-35279 | "IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0... | S | |
| CVE-2022-35280 | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have st... | | |
| CVE-2022-35281 | IBM Maximo Application Suite command injection | | |
| CVE-2022-35282 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery... | S | |
| CVE-2022-35283 | IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of ... | S | |
| CVE-2022-35284 | IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing o... | S | |
| CVE-2022-35285 | IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could... | S | |
| CVE-2022-35286 | IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could... | S | |
| CVE-2022-35287 | IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password or ... | S | |
| CVE-2022-35288 | IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that... | S | |
| CVE-2022-35289 | A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4... | S | |
| CVE-2022-35290 | Under certain conditions SAP Authenticator for Android allows an attacker to access information whic... | | |
| CVE-2022-35291 | Privilege escalation vulnerability in SAP SuccessFactors attachment API for Mobile Application(Android & iOS) | | |
| CVE-2022-35292 | In SAP Business One application when a service is created, the executable path contains spaces and i... | | |
| CVE-2022-35293 | Due to insecure session management, SAP Enable Now allows an unauthenticated attacker to gain access... | | |
| CVE-2022-35294 | An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWe... | | |
| CVE-2022-35295 | In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escala... | E | |
| CVE-2022-35296 | Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform (Versio... | | |
| CVE-2022-35297 | The application SAP Enable Now does not sufficiently encode user-controlled inputs over the network ... | | |
| CVE-2022-35298 | SAP NetWeaver Enterprise Portal (KMC) - version 7.50, does not sufficiently encode user-controlled i... | | |
| CVE-2022-35299 | SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical e... | | |
| CVE-2022-35300 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35301 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35302 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35303 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35304 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35305 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35306 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35307 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35308 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35309 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35310 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35311 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35312 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35313 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35314 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35315 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35316 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35317 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35318 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35319 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35320 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35321 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35322 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35323 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35324 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35325 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35326 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35327 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35328 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35329 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35330 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35331 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35332 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35333 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35334 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35335 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35336 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35337 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35338 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35339 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35340 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35341 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35342 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35343 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35344 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35345 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35346 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35347 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35348 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35349 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35350 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35351 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35352 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35353 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35354 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35355 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35356 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35357 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35358 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35359 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35360 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35361 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35362 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35363 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35364 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35365 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35366 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35367 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35368 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35369 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35370 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35371 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35372 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35373 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35374 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35375 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35376 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35377 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35378 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35379 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35380 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35381 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35382 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35383 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35384 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35385 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35386 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35387 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35388 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35389 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35390 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35391 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35392 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35393 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35394 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35395 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35396 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35397 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35398 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35399 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-35400 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-35401 | An authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT-AX... | E | |
| CVE-2022-35403 | Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCente... | S | |
| CVE-2022-35404 | ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to u... | S | |
| CVE-2022-35405 | Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthe... | KEV E S | |
| CVE-2022-35406 | A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted respons... | S | |
| CVE-2022-35407 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow lea... | | |
| CVE-2022-35408 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerabilit... | E | |
| CVE-2022-35409 | An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an u... | E M | |
| CVE-2022-35410 | mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZI... | E S | |
| CVE-2022-35411 | rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: p... | E S | |
| CVE-2022-35412 | Digital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported ... | | |
| CVE-2022-35413 | WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access... | S | |
| CVE-2022-35414 | softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path... | E S | |
| CVE-2022-35415 | An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged u... | | |
| CVE-2022-35416 | H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.... | E | |
| CVE-2022-35421 | Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerabil... | E | |
| CVE-2022-35422 | Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the qid param... | E | |
| CVE-2022-35426 | UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file.... | E | |
| CVE-2022-35433 | ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /... | E | |
| CVE-2022-35434 | jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg-quantsmo... | E | |
| CVE-2022-35447 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b04de.... | E | |
| CVE-2022-35448 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b55af.... | E | |
| CVE-2022-35449 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466.... | E | |
| CVE-2022-35450 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b84b1.... | E | |
| CVE-2022-35451 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b03b5.... | E | |
| CVE-2022-35452 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c.... | E | |
| CVE-2022-35453 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c08a6.... | E | |
| CVE-2022-35454 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05aa.... | E | |
| CVE-2022-35455 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0d63.... | E | |
| CVE-2022-35456 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x617087.... | E | |
| CVE-2022-35458 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05ce.... | E | |
| CVE-2022-35459 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e412a.... | E | |
| CVE-2022-35460 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f.... | E | |
| CVE-2022-35461 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0a32.... | E | |
| CVE-2022-35462 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0bc3.... | E | |
| CVE-2022-35463 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0478.... | E | |
| CVE-2022-35464 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6171b2.... | E | |
| CVE-2022-35465 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0414.... | E | |
| CVE-2022-35466 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0473.... | E | |
| CVE-2022-35467 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b8.... | E | |
| CVE-2022-35468 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e420d.... | E | |
| CVE-2022-35469 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xb... | E | |
| CVE-2022-35470 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97.... | E | |
| CVE-2022-35471 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0.... | E | |
| CVE-2022-35472 | OTFCC v0.10.4 was discovered to contain a global overflow via /release-x64/otfccdump+0x718693.... | E | |
| CVE-2022-35473 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7... | E | |
| CVE-2022-35474 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e.... | E | |
| CVE-2022-35475 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41a8.... | E | |
| CVE-2022-35476 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b... | E | |
| CVE-2022-35477 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954... | E | |
| CVE-2022-35478 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea... | E | |
| CVE-2022-35479 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6... | E | |
| CVE-2022-35481 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligne... | E | |
| CVE-2022-35482 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724... | E | |
| CVE-2022-35483 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8... | E | |
| CVE-2022-35484 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f... | E | |
| CVE-2022-35485 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969... | E | |
| CVE-2022-35486 | OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae... | E | |
| CVE-2022-35487 | Zammad 5.2.0 suffers from Incorrect Access Control. Zammad did not correctly perform authorization o... | | |
| CVE-2022-35488 | In Zammad 5.2.0, an attacker could manipulate the rate limiting in the 'forgot password' feature of ... | | |
| CVE-2022-35489 | In Zammad 5.2.0, customers who have secondary organizations assigned were able to see all organizati... | | |
| CVE-2022-35490 | Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force atta... | | |
| CVE-2022-35491 | TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample.... | | |
| CVE-2022-35493 | A Cross-site scripting (XSS) vulnerability in json search parse and the json response in wrteam.in, ... | E | |
| CVE-2022-35500 | Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality.... | | |
| CVE-2022-35501 | Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento... | | |
| CVE-2022-35503 | Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to... | | |
| CVE-2022-35505 | A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client to ... | E | |
| CVE-2022-35506 | TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no limit... | E | |
| CVE-2022-35507 | A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox ... | E S | |
| CVE-2022-35508 | Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxyin... | E S | |
| CVE-2022-35509 | An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an at... | E | |
| CVE-2022-35513 | The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of stor... | E | |
| CVE-2022-35516 | DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.p... | E S | |
| CVE-2022-35517 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_psk... | E | |
| CVE-2022-35518 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Pa... | E | |
| CVE-2022-35519 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_... | E | |
| CVE-2022-35520 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, a... | E | |
| CVE-2022-35521 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: re... | E | |
| CVE-2022-35522 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_use... | E | |
| CVE-2022-35523 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_... | E | |
| CVE-2022-35524 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_si... | E | |
| CVE-2022-35525 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switc... | E | |
| CVE-2022-35526 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, wh... | E | |
| CVE-2022-35533 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_lis... | E | |
| CVE-2022-35534 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hidd... | E | |
| CVE-2022-35535 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macA... | E | |
| CVE-2022-35536 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_ban... | E | |
| CVE-2022-35537 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: ma... | E | |
| CVE-2022-35538 | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: de... | E | |
| CVE-2022-35540 | Hardcoded JWT Secret in AgileConfig <1.6.8 Server allows remote attackers to use the generated JWT t... | | |
| CVE-2022-35554 | Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3... | E | |
| CVE-2022-35555 | A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which all... | E | |
| CVE-2022-35557 | A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, whi... | E | |
| CVE-2022-35558 | A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version... | E | |
| CVE-2022-35559 | A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allow... | E | |
| CVE-2022-35560 | A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, whi... | E | |
| CVE-2022-35561 | A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version... | E | |
| CVE-2022-35569 | Blogifier v3.0 was discovered to contain an arbitrary file upload vulnerability at /api/storage/uplo... | E S | |
| CVE-2022-35572 | On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vend... | E | |
| CVE-2022-35582 | Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Contr... | | |
| CVE-2022-35583 | wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the tar... | E | |
| CVE-2022-35585 | A stored cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to in... | E S | |
| CVE-2022-35587 | A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaS... | E S | |
| CVE-2022-35589 | A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaS... | E S | |
| CVE-2022-35590 | A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to inject Ja... | E | |
| CVE-2022-35598 | A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0... | | |
| CVE-2022-35599 | A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attack... | | |
| CVE-2022-35601 | A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows a... | | |
| CVE-2022-35602 | A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attac... | | |
| CVE-2022-35603 | A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows a... | | |
| CVE-2022-35604 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-35601. Reason: This candidat... | R | |
| CVE-2022-35605 | A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attac... | | |
| CVE-2022-35606 | A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows a... | | |
| CVE-2022-35611 | A Cross-Site Request Forgery (CSRF) in MQTTRoute v3.3 and below allows attackers to create and remov... | E | |
| CVE-2022-35612 | A cross-site scripting (XSS) vulnerability in MQTTRoute v3.3 and below allows attackers to execute a... | E | |
| CVE-2022-35613 | Konker v2.3.9 was to discovered to contain a Cross-Site Request Forgery (CSRF).... | | |
| CVE-2022-35619 | D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnera... | E | |
| CVE-2022-35620 | D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnera... | E | |
| CVE-2022-35621 | Access control vulnerability in Evoh NFT EvohClaimable contract with sha256 hash code fa2084d5abca91... | E | |
| CVE-2022-35623 | In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series ... | E | |
| CVE-2022-35624 | In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series ... | E | |
| CVE-2022-35628 | A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x befor... | S | |
| CVE-2022-35629 | Velociraptor Client ID Spoofing | | |
| CVE-2022-35630 | Unsafe HTML Injection in Artifact Collection Report | S | |
| CVE-2022-35631 | Filesystem race on temporary files | S | |
| CVE-2022-35632 | XSS in User Interface | | |
| CVE-2022-35637 | IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of ser... | S | |
| CVE-2022-35638 | IBM Sterling B2B Integrator cross-site request forgery | | |
| CVE-2022-35639 | IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connec... | S | |
| CVE-2022-35640 | IBM Sterling Partner Engagement Manager information disclosure | | |
| CVE-2022-35642 | "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability al... | S | |
| CVE-2022-35643 | IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper with system configuration or cause a de... | S | |
| CVE-2022-35645 | IBM Maximo Asset Management cross-site scripting | S | |
| CVE-2022-35646 | IBM Security Verify Governance, Identity Manager security bypass | S | |
| CVE-2022-35648 | Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130... | | |
| CVE-2022-35649 | The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScri... | S | |
| CVE-2022-35650 | The vulnerability was found in Moodle, occurs due to input validation error when importing lesson qu... | S | |
| CVE-2022-35651 | A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitizati... | S | |
| CVE-2022-35652 | An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mob... | | |
| CVE-2022-35653 | A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to in... | S | |
| CVE-2022-35654 | Pega Platform from 8.5.4 to 8.7.3 is affected by an XSS issue with an unauthenticated user and the r... | | |
| CVE-2022-35655 | Pega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage ... | | |
| CVE-2022-35656 | Pega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alt... | | |
| CVE-2022-35664 | AEM Reflected XSS Arbitrary code execution | | |
| CVE-2022-35665 | Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution | | |
| CVE-2022-35666 | Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability | | |
| CVE-2022-35667 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2022-35668 | Adobe Acrobat Reader Improper Input Validation Memory leak | | |
| CVE-2022-35669 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2022-35670 | Adobe Acrobat Reader Use-After-Free Memory leak | | |
| CVE-2022-35671 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2022-35672 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2022-35673 | Adobe FrameMaker SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
| CVE-2022-35674 | Adobe FrameMaker SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
| CVE-2022-35675 | Adobe FrameMaker SVG File Parsing Use-After-Free Remote Code Execution Vulnerability | S | |
| CVE-2022-35676 | Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35677 | Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35678 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2022-35689 | Adobe Commerce Improper Access Control Security feature bypass | S | |
| CVE-2022-35690 | Adobe ColdFusion ODBC Agent Stack-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35691 | Adobe Acrobat Reader NULL Pointer Dereference Application denial-of-service | S | |
| CVE-2022-35692 | Adobe Commerce Improper Access Control Security feature bypass | S | |
| CVE-2022-35693 | AEM Reflected XSS Arbitrary code execution | | |
| CVE-2022-35694 | AEM Reflected XSS Arbitrary code execution | | |
| CVE-2022-35695 | AEM Reflected XSS Arbitrary code execution | | |
| CVE-2022-35696 | AEM Reflected XSS Arbitrary code execution | | |
| CVE-2022-35697 | AEM File Upload Security Issue leading to RXSS | | |
| CVE-2022-35698 | Adobe Commerce Stored XSS Arbitrary code execution | S | |
| CVE-2022-35699 | Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | S | |
| CVE-2022-35700 | Adobe Bridge SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | S | |
| CVE-2022-35701 | Adobe Bridge SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | S | |
| CVE-2022-35702 | Adobe Bridge SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
| CVE-2022-35703 | Adobe Bridge SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
| CVE-2022-35704 | Adobe Bridge SVG File Parsing Use-After-Free Remote Code Execution Vulnerability | S | |
| CVE-2022-35705 | Adobe Bridge MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
| CVE-2022-35706 | Adobe Bridge SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35707 | Adobe Bridge SGI File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
| CVE-2022-35708 | Adobe Bridge SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35709 | Adobe Bridge DCM File Parsing Use-After-Free Information Disclosure Vulnerability | S | |
| CVE-2022-35710 | Adobe ColdFusion ODBC Server Stack-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35711 | Adobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35712 | Adobe ColdFusion ODBC Agent Heap-based Buffer Overflow Remote Code Execution Vulnerability | S | |
| CVE-2022-35713 | Adobe Photoshop U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2022-35714 | IBM Maximo Asset Management 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows u... | S | |
| CVE-2022-35715 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information... | | |
| CVE-2022-35716 | IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2... | S | |
| CVE-2022-35717 | "IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbi... | S | |
| CVE-2022-35719 | IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in trace ... | S | |
| CVE-2022-35720 | IBM Sterling External Authentication Server information disclosure | S | |
| CVE-2022-35721 | IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerabili... | S | |
| CVE-2022-35722 | IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability all... | S | |
| CVE-2022-35724 | Denial of service while reading data in Avro Rust SDK | | |
| CVE-2022-35725 | WordPress wp-forecast plugin <= 7.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | S | |
| CVE-2022-35726 | WordPress Video Gallery plugin <= 1.3.4.5 - Broken Authentication vulnerability | S | |
| CVE-2022-35727 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-35728 | iControl REST vulnerability CVE-2022-35728 | | |
| CVE-2022-35729 | Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow ... | | |
| CVE-2022-35730 | WordPress Oceanwp sticky header plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-35731 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-35732 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-35733 | Missing authentication for critical function vulnerability in UNIMO Technology digital video recorde... | | |
| CVE-2022-35734 | 'Hulu / フールー' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded AP... | | |
| CVE-2022-35735 | BIG-IP monitor configuration vulnerability CVE-2022-35735 | | |
| CVE-2022-35736 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-35737 | SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of ... | E | |
| CVE-2022-35739 | PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which c... | E | |
| CVE-2022-35740 | dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain sensitive i... | E M | |
| CVE-2022-35741 | Apache CloudStack SAML Single Sign-On XXE | S | |
| CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability | S | |
| CVE-2022-35743 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | S | |
| CVE-2022-35744 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | S | |
| CVE-2022-35745 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | S | |
| CVE-2022-35746 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | S | |
| CVE-2022-35747 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | S | |
| CVE-2022-35748 | HTTP.sys Denial of Service Vulnerability | S | |
| CVE-2022-35749 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | S | |
| CVE-2022-35750 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2022-35751 | Windows Hyper-V Elevation of Privilege Vulnerability | S | |
| CVE-2022-35752 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | S | |
| CVE-2022-35753 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | S | |
| CVE-2022-35754 | Unified Write Filter Elevation of Privilege Vulnerability | S | |
| CVE-2022-35755 | Windows Print Spooler Elevation of Privilege Vulnerability | S | |
| CVE-2022-35756 | Windows Kerberos Elevation of Privilege Vulnerability | S | |
| CVE-2022-35757 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | S | |
| CVE-2022-35758 | Windows Kernel Memory Information Disclosure Vulnerability | S | |
| CVE-2022-35759 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | S | |
| CVE-2022-35760 | Microsoft ATA Port Driver Elevation of Privilege Vulnerability | | |
| CVE-2022-35761 | Windows Kernel Elevation of Privilege Vulnerability | | |
| CVE-2022-35762 | Storage Spaces Direct Elevation of Privilege Vulnerability | | |
| CVE-2022-35763 | Storage Spaces Direct Elevation of Privilege Vulnerability | | |
| CVE-2022-35764 | Storage Spaces Direct Elevation of Privilege Vulnerability | | |
| CVE-2022-35765 | Storage Spaces Direct Elevation of Privilege Vulnerability | | |
| CVE-2022-35766 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | | |
| CVE-2022-35767 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | | |
| CVE-2022-35768 | Windows Kernel Elevation of Privilege Vulnerability | | |
| CVE-2022-35769 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | | |
| CVE-2022-35770 | Windows NTLM Spoofing Vulnerability | S | |
| CVE-2022-35771 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | | |
| CVE-2022-35772 | Azure Site Recovery Remote Code Execution Vulnerability | | |
| CVE-2022-35773 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | | |
| CVE-2022-35774 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35775 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35776 | Azure Site Recovery Denial of Service Vulnerability | | |
| CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability | | |
| CVE-2022-35779 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | | |
| CVE-2022-35780 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35781 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35782 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35783 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35784 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35785 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35786 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35787 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35788 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35789 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35790 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35791 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35792 | Storage Spaces Direct Elevation of Privilege Vulnerability | | |
| CVE-2022-35793 | Windows Print Spooler Elevation of Privilege Vulnerability | | |
| CVE-2022-35794 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | | |
| CVE-2022-35795 | Windows Error Reporting Service Elevation of Privilege Vulnerability | | |
| CVE-2022-35796 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | | |
| CVE-2022-35797 | Windows Hello Security Feature Bypass Vulnerability | | |
| CVE-2022-35798 | Azure Arc Jumpstart Information Disclosure Vulnerability | S | |
| CVE-2022-35799 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35800 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35801 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35802 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35803 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | | |
| CVE-2022-35804 | SMB Client and Server Remote Code Execution Vulnerability | | |
| CVE-2022-35805 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | | |
| CVE-2022-35806 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | | |
| CVE-2022-35807 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35808 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35809 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35810 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35811 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35812 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35813 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35814 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35815 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35816 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35817 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35818 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35819 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-35820 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | | |
| CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability | | |
| CVE-2022-35822 | Windows Defender Credential Guard Security Feature Bypass Vulnerability | | |
| CVE-2022-35823 | Microsoft SharePoint Remote Code Execution Vulnerability | | |
| CVE-2022-35824 | Azure Site Recovery Remote Code Execution Vulnerability | | |
| CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability | | |
| CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability | | |
| CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability | | |
| CVE-2022-35828 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | S | |
| CVE-2022-35829 | Service Fabric Explorer Spoofing Vulnerability | S | |
| CVE-2022-35830 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | | |
| CVE-2022-35831 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | | |
| CVE-2022-35832 | Windows Event Tracing Denial of Service Vulnerability | | |
| CVE-2022-35833 | Windows Secure Channel Denial of Service Vulnerability | | |
| CVE-2022-35834 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2022-35835 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2022-35836 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2022-35837 | Windows Graphics Component Information Disclosure Vulnerability | | |
| CVE-2022-35838 | HTTP V3 Denial of Service Vulnerability | | |
| CVE-2022-35840 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2022-35841 | Windows Enterprise App Management Service Remote Code Execution Vulnerability | | |
| CVE-2022-35842 | An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL... | S | |
| CVE-2022-35843 | An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login ... | S | |
| CVE-2022-35844 | An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the m... | | |
| CVE-2022-35845 | Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') ... | S | |
| CVE-2022-35846 | An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester ... | | |
| CVE-2022-35847 | An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in... | | |
| CVE-2022-35849 | An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the m... | S | |
| CVE-2022-35850 | An improper neutralization of script-related HTML tags in a web page vulnerability [CWE-80] in Forti... | S | |
| CVE-2022-35851 | An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC ma... | | |
| CVE-2022-35857 | kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserializati... | E | |
| CVE-2022-35858 | The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trust... | E | |
| CVE-2022-35860 | Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject... | E | |
| CVE-2022-35861 | pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the c... | S | |
| CVE-2022-35864 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | S | |
| CVE-2022-35865 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of BM... | S | |
| CVE-2022-35866 | This vulnerability allows remote attackers to bypass authentication on affected installations of Vin... | | |
| CVE-2022-35867 | This vulnerability allows local attackers to escalate privileges on affected installations of xhyve.... | | |
| CVE-2022-35868 | A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server... | | |
| CVE-2022-35869 | This vulnerability allows remote attackers to bypass authentication on affected installations of Ind... | | |
| CVE-2022-35870 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of In... | | |
| CVE-2022-35871 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of In... | | |
| CVE-2022-35872 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of In... | | |
| CVE-2022-35873 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of In... | | |
| CVE-2022-35874 | Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Sys... | E | |
| CVE-2022-35875 | Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Sys... | E | |
| CVE-2022-35876 | Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Sys... | E | |
| CVE-2022-35877 | Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Sys... | E | |
| CVE-2022-35878 | Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode System... | E | |
| CVE-2022-35879 | Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode System... | E | |
| CVE-2022-35880 | Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode System... | E | |
| CVE-2022-35881 | Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode System... | E | |
| CVE-2022-35882 | WordPress GS Testimonial Slider plugin <= 1.9.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | S | |
| CVE-2022-35883 | NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authe... | S | |
| CVE-2022-35884 | Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect func... | E | |
| CVE-2022-35885 | Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect func... | E | |
| CVE-2022-35886 | Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect func... | E | |
| CVE-2022-35887 | Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect func... | E | |
| CVE-2022-35888 | Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is ... | | |
| CVE-2022-35890 | An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Design... | E | |
| CVE-2022-35893 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vu... | | |
| CVE-2022-35894 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The SMI handler for the FwB... | E | |
| CVE-2022-35895 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm drive... | E | |
| CVE-2022-35896 | An issue SMM memory leak vulnerability in SMM driver (SMRAM was discovered in Insyde InsydeH2O with ... | E | |
| CVE-2022-35897 | An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Ins... | | |
| CVE-2022-35898 | OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password op... | | |
| CVE-2022-35899 | There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This... | E | |
| CVE-2022-35900 | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. ... | | |
| CVE-2022-35901 | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. ... | | |
| CVE-2022-35902 | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. ... | | |
| CVE-2022-35903 | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. ... | | |
| CVE-2022-35904 | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. ... | | |
| CVE-2022-35905 | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. ... | | |
| CVE-2022-35906 | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. ... | | |
| CVE-2022-35908 | Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in de... | | |
| CVE-2022-35909 | In Jellyfin before 10.8, the /users endpoint has incorrect access control for admin functionality.... | E S | |
| CVE-2022-35910 | In Jellyfin before 10.8, stored XSS allows theft of an admin access token.... | E S | |
| CVE-2022-35911 | On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omit... | E | |
| CVE-2022-35912 | In grails-databinding in Grails before 3.3.15, 4.x before 4.1.1, 5.x before 5.1.9, and 5.2.x before ... | S | |
| CVE-2022-35913 | Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. The attacker and... | | |
| CVE-2022-35914 | /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP... | KEV E S | |
| CVE-2022-35915 | Unbounded gas consumption in @openzeppelin/contracts | S | |
| CVE-2022-35916 | Cross chain utilities for Arbitrum L2 see EOA calls as cross chain calls | S | |
| CVE-2022-35917 | Weakness in Transfer Validation Logic in @solana/pay | S | |
| CVE-2022-35918 | Streamlit directory traversal vulnerability | S | |
| CVE-2022-35919 | Authenticated requests for server update admin API allows path traversal in minio | E S | |
| CVE-2022-35920 | Improper Limitation of a Pathname to a Restricted Directory in sanic | E S | |
| CVE-2022-35921 | User preference to prevent private discussions not respected in fof/byobu | S | |
| CVE-2022-35922 | Memory allocation based on untrusted length in rust-websocket | S | |
| CVE-2022-35923 | Inefficient Regular Expression Complexity in v8n | E S | |
| CVE-2022-35924 | Verification requests (magic link) sent to unwanted emails | S | |
| CVE-2022-35925 | Missing rate limit in Authentication in bookwyrm | E S | |
| CVE-2022-35926 | Out-of-bounds read in IPv6 neighbor solicitation in Contiki-NG | S | |
| CVE-2022-35927 | Unverified DIO prefix info lengths in RPL-Classic in Contiki-NG | S | |
| CVE-2022-35928 | AES Crypt for Linux Password Security Vulnerability | S | |
| CVE-2022-35929 | False positive signature verification in cosign | E S | |
| CVE-2022-35930 | Ability to bypass attestation verification in sigstore PolicyController | S | |
| CVE-2022-35931 | Nextcloud Password Policy's generated passwords are not fully validated by HIBPValidator | S | |
| CVE-2022-35932 | Missing rate limit when trying to join a password protected Nextcloud Talk conversation | S | |
| CVE-2022-35933 | PrestaShop module Product Comments vulnerable to cross-site scripting (XSS) | S | |
| CVE-2022-35934 | `CHECK` failure in tf.reshape in Tensorflow | S | |
| CVE-2022-35935 | `CHECK` failure in `SobolSample` via missing validation in TensorFlow | S | |
| CVE-2022-35936 | Ethermint DoS through Unintended Contract Selfdestruct | E S | |
| CVE-2022-35937 | OOB read in `Gather_nd` op in TensorFlow Lite | S | |
| CVE-2022-35938 | OOB read in `Gather_nd` op in TensorFlow Lite Micro | S | |
| CVE-2022-35939 | Out of bounds write in `scatter_nd` op in TensorFlow Lite | S | |
| CVE-2022-35940 | Int overflow in `RaggedRangeOp` in Tensoflow | S | |
| CVE-2022-35941 | `CHECK` failure in `AvgPoolOp` in Tensorflow | S | |
| CVE-2022-35942 | loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter | S | |
| CVE-2022-35943 | SameSite may allow cross-site request forgery (CSRF) protection to be bypassed | E M | |
| CVE-2022-35944 | October CMS Safe Mode bypass leads to authenticated RCE (Remote Code Execution) | | |
| CVE-2022-35945 | Cross site scripting (XSS) via registration API in GLPI | S | |
| CVE-2022-35946 | SQL injection through plugin controller in GLPI | S | |
| CVE-2022-35947 | SQL injection in GLPI | S | |
| CVE-2022-35948 | CRLF Injection in Nodejs ‘undici’ via Content-Type | E S | |
| CVE-2022-35949 | `undici.request` vulnerable to SSRF using absolute URL on `pathname` | E S | |
| CVE-2022-35950 | OroCommerce Cross-site Scripting vulnerability in add note dialog of Shopping List line item | | |
| CVE-2022-35951 | Redis subject to Integer Overflow leading to Remote Code Execution via Heap Overflow | | |
| CVE-2022-35952 | `CHECK` failures in `UnbatchGradOp` in TensorFlow | S | |
| CVE-2022-35953 | URL Redirection to Untrusted Site ('Open Redirect') in bookwyrm | E S | |
| CVE-2022-35954 | Delimiter injection vulnerability in @actions/core exportVariable | S | |
| CVE-2022-35956 | update_by_case before 0.1.3 vulnerable to sql injection | | |
| CVE-2022-35957 | Authentication Bypass in Grafana via auth proxy allowing escalation from admin to server admin | | |
| CVE-2022-35958 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-37458. Reason: This candidat... | R | |
| CVE-2022-35959 | `CHECK` failures in `AvgPool3DGrad` in TensorFlow | S | |
| CVE-2022-35960 | `CHECK` failure in `TensorListReserve` in TensorFlow | S | |
| CVE-2022-35961 | ECDSA signature malleability in OpenZeppelin Contracts | S | |
| CVE-2022-35962 | Crafted link in Zulip message can cause disclosure of credentials | | |
| CVE-2022-35963 | `CHECK` failures in `FractionalAvgPoolGrad` in TensorFlow | S | |
| CVE-2022-35964 | Segfault in `BlockLSTMGradV2` in TensorFlow | S | |
| CVE-2022-35965 | Segfault in `LowerBound` and `UpperBound` in TensorFlow | S | |
| CVE-2022-35966 | Segfault in `QuantizedAvgPool` in TensorFlow | S | |
| CVE-2022-35967 | Segfault in `QuantizedAdd` in TensorFlow | S | |
| CVE-2022-35968 | `CHECK` fail in `AvgPoolGrad` in TensorFlow | S | |
| CVE-2022-35969 | `CHECK` fail in `Conv2DBackpropInput` in TensorFlow | S | |
| CVE-2022-35970 | Segfault in `QuantizedInstanceNorm` in TensorFlow | S | |
| CVE-2022-35971 | `CHECK` fail in `FakeQuantWithMinMaxVars` in TensorFlow | S | |
| CVE-2022-35972 | Segfault in `QuantizedBiasAdd` in TensorFlow | S | |
| CVE-2022-35973 | Segfault in `QuantizedMatMul` in TensorFlow | S | |
| CVE-2022-35974 | Segfault in `QuantizeDownAndShrinkRange` in TensorFlow | S | |
| CVE-2022-35975 | Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode | | |
| CVE-2022-35976 | Improper KubeConfig handling allows arbitrary code execution | | |
| CVE-2022-35977 | Integer overflow in certain command arguments can drive Redis to OOM panic | S | |
| CVE-2022-35978 | Lua sandbox escape from mod in Minetest | S | |
| CVE-2022-35979 | Segfault in `QuantizedRelu` and `QuantizedRelu6` | S | |
| CVE-2022-35980 | OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information | S | |
| CVE-2022-35981 | `CHECK` fail in `FractionalMaxPoolGrad` in TensorFlow | S | |
| CVE-2022-35982 | Segfault in `SparseBincount` in TensorFlow | S | |
| CVE-2022-35983 | `CHECK` fail in `Save` and `SaveSlices` in TensorFlow | S | |
| CVE-2022-35984 | `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow | S | |
| CVE-2022-35985 | `CHECK` fail in `LRNGrad` in TensorFlow | S | |
| CVE-2022-35986 | Segfault in `RaggedBincount` in TensorFlow | S | |
| CVE-2022-35987 | `CHECK` fail in `DenseBincount` in TensorFlow | S | |
| CVE-2022-35988 | `CHECK` fail in `tf.linalg.matrix_rank` in TensorFlow | S | |
| CVE-2022-35989 | `CHECK` fail in `MaxPool` in TensorFlow | S | |
| CVE-2022-35990 | `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient` in TensorFlow | S | |
| CVE-2022-35991 | `CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in TensorFlow | S | |
| CVE-2022-35992 | `CHECK` fail in `TensorListFromTensor` in TensorFlow | S | |
| CVE-2022-35993 | `CHECK` fail in `SetSize` in TensorFlow | S | |
| CVE-2022-35994 | `CHECK` fail in `CollectiveGather` in TensorFlow | S | |
| CVE-2022-35995 | `CHECK` fail in `AudioSummaryV2` in TensorFlow | S | |
| CVE-2022-35996 | Floating point exception in `Conv2D` in TensorFlow | S | |
| CVE-2022-35997 | `CHECK` fail in `tf.sparse.cross` in TensorFlow | S | |
| CVE-2022-35998 | `CHECK` fail in `EmptyTensorList` in TensorFlow | S | |
| CVE-2022-35999 | `CHECK` fail in `Conv2DBackpropInput` in TensorFlow | S |