| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2022-46020 | WBCE CMS v1.5.4 can implement getshell by modifying the upload file type.... | E | |
| CVE-2022-46021 | X-Man 1.0 has a SQL injection vulnerability, which can cause data leakage.... | | |
| CVE-2022-46025 | Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allo... | S | |
| CVE-2022-46047 | AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter.... | E | |
| CVE-2022-46051 | The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks.... | E | |
| CVE-2022-46058 | AeroCMS v0.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via add_post.php... | E | |
| CVE-2022-46059 | AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).... | E | |
| CVE-2022-46061 | AeroCMS v0.0.1 is vulnerable to ClickJacking.... | E | |
| CVE-2022-46062 | Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).... | E | |
| CVE-2022-46070 | GV-ASManager V6.0.1.0 contains a Local File Inclusion vulnerability in GeoWebServer via Path.... | | |
| CVE-2022-46071 | There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability ca... | E | |
| CVE-2022-46072 | Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection.... | E | |
| CVE-2022-46073 | Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS).... | E | |
| CVE-2022-46074 | Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated use... | E | |
| CVE-2022-46076 | D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.... | E | |
| CVE-2022-46080 | Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTT... | | |
| CVE-2022-46081 | In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from cont... | E | |
| CVE-2022-46087 | CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cook... | E | |
| CVE-2022-46088 | Online Flight Booking Management System v1.0 was discovered to contain a cross-site scripting (XSS) ... | | |
| CVE-2022-46089 | Cross Site Scripting (XSS) vulnerability in the add-airline form of Online Flight Booking Management... | | |
| CVE-2022-46091 | Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management Sy... | | |
| CVE-2022-46093 | Hospital Management System v1.0 is vulnerable to SQL Injection. Attackers can gain administrator pri... | E | |
| CVE-2022-46095 | Sourcecodester Covid-19 Directory on Vaccination System 1.0 was discovered to contain a Cross-Site S... | E | |
| CVE-2022-46096 | A Cross site scripting (XSS) vulnerability in Sourcecodester Online Covid-19 Directory on Vaccinatio... | E | |
| CVE-2022-46101 | AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to c... | E | |
| CVE-2022-46102 | AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php... | E | |
| CVE-2022-46109 | Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function formSetClientState.... | E | |
| CVE-2022-46117 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=view_product&id=.... | E | |
| CVE-2022-46118 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=product_per_brand&bid=... | E | |
| CVE-2022-46119 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=categories&c=.... | E | |
| CVE-2022-46120 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/view_pr... | E | |
| CVE-2022-46121 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manage_... | E | |
| CVE-2022-46122 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/view_catego... | E | |
| CVE-2022-46123 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/manage_cate... | E | |
| CVE-2022-46124 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=user/manage_user... | E | |
| CVE-2022-46125 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manage_cl... | E | |
| CVE-2022-46126 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.ph... | E | |
| CVE-2022-46127 | Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/classes/Master.php?f=delete_... | E | |
| CVE-2022-46128 | phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) ... | | |
| CVE-2022-46135 | In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_p... | E | |
| CVE-2022-46137 | AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (re... | E | |
| CVE-2022-46139 | TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of Service ... | | |
| CVE-2022-46140 | Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an aut... | | |
| CVE-2022-46141 | A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An informat... | | |
| CVE-2022-46142 | Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical acc... | | |
| CVE-2022-46143 | Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attack... | | |
| CVE-2022-46144 | A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3),... | S | |
| CVE-2022-46145 | authentik vulnerable to unauthorized user creation and potential account takeover | M | |
| CVE-2022-46146 | Prometheus Exporter Toolkit vulnerable to basic authentication bypass | E S | |
| CVE-2022-46147 | Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields | E S | |
| CVE-2022-46148 | Discourse allows self-XSS through malicious composer message | | |
| CVE-2022-46149 | Cap'n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list. | S | |
| CVE-2022-46150 | Discourse may allow exposure of hidden tags in the subject of notification emails | S | |
| CVE-2022-46151 | Reflected XSS | S | |
| CVE-2022-46152 | OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function | E S | |
| CVE-2022-46153 | Routes exposed with an empty TLSOption in traefik | S | |
| CVE-2022-46154 | Arbitrary file access in KodExplorer | S | |
| CVE-2022-46155 | Airtable.js credentials exposed in browser builds | S | |
| CVE-2022-46156 | Grafana's default installation of `synthetic-monitoring-agent` exposes sensitive information | S | |
| CVE-2022-46157 | Remote php code execution in Akeneo PIM | E M | |
| CVE-2022-46158 | Potential Information exposure in the upload directory in PrestaShop | S | |
| CVE-2022-46159 | Any authenticated Discourse user can create an unlisted topic | S | |
| CVE-2022-46160 | Tuleap dashboards vulnerable to Incorrect Authorization | S | |
| CVE-2022-46161 | Code injection in pdfmake | E | |
| CVE-2022-46162 | Discourse BBCode plugin vulnerable to arbitrary CSS injection | E S | |
| CVE-2022-46163 | travel-support-program vulnerable to data exfiltration via Ransack query injection | E S | |
| CVE-2022-46164 | Account takeover via prototype vulnerability | S | |
| CVE-2022-46165 | Cross-site Scripting (XSS) in Web GUI in syncthing | E S | |
| CVE-2022-46166 | Spring Boot Admins integrated notifier support allows arbitrary code execution | S | |
| CVE-2022-46167 | Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace | S | |
| CVE-2022-46168 | Group SMTP user emails are exposed in CC email header | S | |
| CVE-2022-46169 | Unauthenticated Command Injection | KEV E S | |
| CVE-2022-46170 | CodeIgniter is vulnerable to improper authentication via Session Handlers | S | |
| CVE-2022-46171 | Tauri vulnerable to path traversal | E S | |
| CVE-2022-46172 | authentik allows existing authenticated users to create arbitrary accounts | E | |
| CVE-2022-46173 | Elrond go Processing: fallback search of SCRs when not found in the main cache | S | |
| CVE-2022-46174 | Race condition during concurrent TLS mounts in efs-utils | S | |
| CVE-2022-46175 | JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain b... | E S | |
| CVE-2022-46176 | Cargo did not verify SSH host keys | S | |
| CVE-2022-46177 | Discourse password reset link can lead to in account takeover if user changes to a new email | S | |
| CVE-2022-46178 | Path Traversal In MeterSpere allows file upload to any path | E S | |
| CVE-2022-46179 | LiuOS vulnerable to Authorization Bypass through User-Controlled Key | E S | |
| CVE-2022-46180 | Arbitrary HTML injection in discourse-mermaid-theme-component | S | |
| CVE-2022-46181 | Gotify server XSS vulnerability in the application image file upload | S | |
| CVE-2022-46182 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46183 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46184 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46185 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46186 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46187 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46188 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46189 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46190 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46191 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46192 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46193 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46194 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46195 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46196 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46197 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46198 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46199 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46200 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46201 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46202 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46203 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46204 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46205 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46206 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46207 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46208 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46209 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46210 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46211 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46212 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46213 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46214 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46215 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46216 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46217 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46218 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46219 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46220 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46221 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46222 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46223 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46224 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46225 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46226 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46227 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46228 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46229 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46230 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46231 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46232 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46233 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46234 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46235 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46236 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46237 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46238 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46239 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46240 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46241 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46242 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46243 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46244 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46255 | Improper Limitation of a Pathname to a Restricted Directory in GitHub Enterprise Server leading to RCE | | |
| CVE-2022-46256 | Path traversal in GitHub Enterprise Server leading to remote code execution in GitHub Pages | | |
| CVE-2022-46257 | Information disclosure in GitHub Enterprise Server leading to unauthorized viewing of private repository names | | |
| CVE-2022-46258 | Incorrect Authorization in GitHub Enterprise Server leads to Action Workflow modifications without Workflow Scope | | |
| CVE-2022-46265 | A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected applicati... | M | |
| CVE-2022-46279 | Improper access control in the Intel(R) Retail Edge android application before version 3.0.301126-RE... | | |
| CVE-2022-46280 | A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open ... | E | |
| CVE-2022-46282 | Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitr... | | |
| CVE-2022-46283 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46285 | A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end... | S | |
| CVE-2022-46286 | CVE-2022-46286 | | |
| CVE-2022-46287 | Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote ... | | |
| CVE-2022-46288 | Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthe... | | |
| CVE-2022-46289 | Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open B... | E | |
| CVE-2022-46290 | Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open B... | E | |
| CVE-2022-46291 | Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality i... | E | |
| CVE-2022-46292 | Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality i... | E | |
| CVE-2022-46293 | Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality i... | E | |
| CVE-2022-46294 | Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality i... | E | |
| CVE-2022-46295 | Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality i... | E | |
| CVE-2022-46296 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46298 | Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable ... | | |
| CVE-2022-46299 | Insufficient control flow management for some Intel Unison software may allow an authenticated user ... | | |
| CVE-2022-46300 | CVE-2022-46300 | | |
| CVE-2022-46301 | Improper Initialization for some Intel Unison software may allow a privileged user to potentially en... | | |
| CVE-2022-46302 | Remote Code Execution with Root Privileges via Broad Apache Permissions | M | |
| CVE-2022-46303 | Command injection in SMS notifications | M | |
| CVE-2022-46304 | ChangingTec ServiSign - Command Injection | | |
| CVE-2022-46305 | ChangingTec ServiSign - Path Traversal | | |
| CVE-2022-46306 | ChangingTec ServiSign - Path Traversal | | |
| CVE-2022-46307 | SGUDA U-Lock - Broken Access Control | | |
| CVE-2022-46308 | SGUDA U-Lock - Broken Access Control | | |
| CVE-2022-46309 | Galaxy Software Services Corporation. Vitals ESP - Arbitrary Path File Reading | | |
| CVE-2022-46310 | The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this... | S | |
| CVE-2022-46311 | The contacts component has a free (undefined) provider vulnerability. Successful exploitation of thi... | S | |
| CVE-2022-46312 | The application management module has a vulnerability in permission verification. Successful exploit... | S | |
| CVE-2022-46313 | The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulne... | S | |
| CVE-2022-46314 | The IPC module has defects introduced in the design process. Successful exploitation of this vulnera... | S | |
| CVE-2022-46315 | The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnera... | S | |
| CVE-2022-46316 | A thread security vulnerability exists in the authentication process. Successful exploitation of thi... | S | |
| CVE-2022-46317 | The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of thi... | S | |
| CVE-2022-46318 | The HAware module has a function logic error. Successful exploitation of this vulnerability will aff... | S | |
| CVE-2022-46319 | Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of... | S | |
| CVE-2022-46320 | The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerabi... | S | |
| CVE-2022-46321 | The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vul... | S | |
| CVE-2022-46322 | Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnera... | S | |
| CVE-2022-46323 | Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerab... | S | |
| CVE-2022-46324 | Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnera... | S | |
| CVE-2022-46325 | Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerab... | S | |
| CVE-2022-46326 | Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnera... | S | |
| CVE-2022-46327 | Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause ... | S | |
| CVE-2022-46328 | Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerabil... | S | |
| CVE-2022-46329 | Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged ... | S | |
| CVE-2022-46330 | Squirrel.Windows is both a toolset and a library that provides installation and update functionality... | S | |
| CVE-2022-46331 | An unauthorized user could possibly delete any file on the system. ... | S | |
| CVE-2022-46332 | Proofpoint Enterprise Protection (PPS/PoD) XSS in "Attachment Names" | | |
| CVE-2022-46333 | Proofpoint Enterprise Protection perl eval() arbitrary command execution | | |
| CVE-2022-46334 | Proofpoint Enterprise Protection Local Privilege Escalation | | |
| CVE-2022-46335 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46336 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46337 | Apache Derby: LDAP injection vulnerability in authenticator | | |
| CVE-2022-46338 | g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make ... | S | |
| CVE-2022-46340 | A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTest... | | |
| CVE-2022-46341 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveU... | | |
| CVE-2022-46342 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelect... | | |
| CVE-2022-46343 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSave... | | |
| CVE-2022-46344 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangePr... | | |
| CVE-2022-46345 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (... | | |
| CVE-2022-46346 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (... | | |
| CVE-2022-46347 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (... | | |
| CVE-2022-46348 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (... | | |
| CVE-2022-46349 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (... | | |
| CVE-2022-46350 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204... | S | |
| CVE-2022-46351 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204... | S | |
| CVE-2022-46352 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204... | S | |
| CVE-2022-46353 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204... | S | |
| CVE-2022-46354 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204... | S | |
| CVE-2022-46355 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204... | S | |
| CVE-2022-46356 | Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of ... | | |
| CVE-2022-46357 | Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of ... | | |
| CVE-2022-46358 | Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of ... | | |
| CVE-2022-46359 | Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of ... | | |
| CVE-2022-46360 | Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allo... | | |
| CVE-2022-46361 | Physical access to the WDM enables use of USB device to gain access to the WDM | | |
| CVE-2022-46363 | Apache CXF directory listing / code exfiltration | | |
| CVE-2022-46364 | Apache CXF SSRF Vulnerability | | |
| CVE-2022-46365 | Apache StreamPark (incubating): Logic error causing any account reset | | |
| CVE-2022-46366 | Apache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted input | | |
| CVE-2022-46367 | Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation | | |
| CVE-2022-46368 | Rumpus - FTP server Cross-site request forgery (CSRF) – Create user | | |
| CVE-2022-46369 | Rumpus - FTP server Persistent cross-site scripting (PXSS) – Unspecified vector | | |
| CVE-2022-46370 | Rumpus - FTP server Improper Token Verification | | |
| CVE-2022-46371 | Alotcer - AR7088H-A Information disclosure | | |
| CVE-2022-46372 | Alotcer - AR7088H-A Authenticated Command execution | | |
| CVE-2022-46377 | An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of... | E S | |
| CVE-2022-46378 | An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of... | E S | |
| CVE-2022-46381 | Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the b... | E | |
| CVE-2022-46382 | RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4... | | |
| CVE-2022-46383 | RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4... | | |
| CVE-2022-46387 | ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control ch... | | |
| CVE-2022-46389 | Cross-Site Scripting (XSS) vulnerability found on logout functionality | | |
| CVE-2022-46391 | AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhoi... | S | |
| CVE-2022-46392 | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to ... | | |
| CVE-2022-46393 | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-ba... | | |
| CVE-2022-46394 | An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper G... | | |
| CVE-2022-46395 | An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper G... | | |
| CVE-2022-46396 | An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU m... | | |
| CVE-2022-46397 | FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 1... | | |
| CVE-2022-46399 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT10011... | E | |
| CVE-2022-46400 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT10011... | E | |
| CVE-2022-46401 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT10011... | E | |
| CVE-2022-46402 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT10011... | E | |
| CVE-2022-46403 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT10011... | E | |
| CVE-2022-46404 | A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Uni... | M | |
| CVE-2022-46405 | Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by c... | E | |
| CVE-2022-46407 | Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoin... | | |
| CVE-2022-46408 | Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application ... | | |
| CVE-2022-46410 | An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privi... | | |
| CVE-2022-46411 | An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0... | | |
| CVE-2022-46412 | An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escap... | | |
| CVE-2022-46413 | An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0... | | |
| CVE-2022-46414 | An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0... | | |
| CVE-2022-46415 | DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhaustin... | E | |
| CVE-2022-46416 | Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting... | | |
| CVE-2022-46419 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46421 | Apache Airflow Hive Provider: Hive Provider RCE vulnerability with hive_cli_params | S | |
| CVE-2022-46422 | An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial ... | | |
| CVE-2022-46423 | An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. A... | | |
| CVE-2022-46424 | An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 5... | | |
| CVE-2022-46428 | TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code ... | | |
| CVE-2022-46430 | TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary ... | | |
| CVE-2022-46432 | An exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1. An attac... | | |
| CVE-2022-46434 | An issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attacker... | | |
| CVE-2022-46435 | An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 u... | | |
| CVE-2022-46438 | A cross-site scripting (XSS) vulnerability in the /admin/article_category.php component of DouPHP v1... | E | |
| CVE-2022-46440 | ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c.... | E | |
| CVE-2022-46442 | dedecms <=V5.7.102 is vulnerable to SQL Injection. In sys_ sql_ n query.php there are no restriction... | | |
| CVE-2022-46443 | mesinkasir Bangresto 1.0 is vulnberable to SQL Injection via the itemqty%5B%5D parameter.... | E | |
| CVE-2022-46449 | An issue in MPD (Music Player Daemon) v0.23.10 allows attackers to cause a Denial of Service (DoS) v... | E | |
| CVE-2022-46456 | NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /... | E | |
| CVE-2022-46457 | NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /o... | E | |
| CVE-2022-46463 | An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private ima... | | |
| CVE-2022-46464 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-46471 | Online Health Care System v1.0 was discovered to contain a SQL injection vulnerability via the consu... | E | |
| CVE-2022-46472 | Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id p... | E | |
| CVE-2022-46475 | D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable... | E | |
| CVE-2022-46476 | D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= ... | E | |
| CVE-2022-46478 | The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default ... | E | |
| CVE-2022-46480 | Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd... | E | |
| CVE-2022-46484 | Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSu... | | |
| CVE-2022-46485 | Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of... | E | |
| CVE-2022-46486 | A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Inte... | E | |
| CVE-2022-46487 | Improper initialization of x87 and SSE floating-point configuration registers in the __scone_entry c... | E | |
| CVE-2022-46489 | GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_iso... | E | |
| CVE-2022-46490 | GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_b... | E | |
| CVE-2022-46491 | A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default v... | E | |
| CVE-2022-46492 | nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file re... | E | |
| CVE-2022-46493 | Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the co... | E | |
| CVE-2022-46496 | BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.... | | |
| CVE-2022-46497 | Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_n... | | |
| CVE-2022-46498 | Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the doc_n... | | |
| CVE-2022-46499 | Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_n... | | |
| CVE-2022-46501 | Accruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection vu... | | |
| CVE-2022-46502 | Online Student Enrollment System v1.0 was discovered to contain a SQL injection vulnerability via th... | E | |
| CVE-2022-46503 | A cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student En... | E | |
| CVE-2022-46505 | An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field,... | E | |
| CVE-2022-46527 | ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.... | E | |
| CVE-2022-46530 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mac parameter at /goform/Ge... | E | |
| CVE-2022-46531 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /gofo... | E | |
| CVE-2022-46532 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /gof... | E | |
| CVE-2022-46533 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /go... | E | |
| CVE-2022-46534 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the speed_dir parameter at /gof... | E | |
| CVE-2022-46535 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /gofo... | E | |
| CVE-2022-46536 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /... | E | |
| CVE-2022-46537 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /gofo... | E | |
| CVE-2022-46538 | Tenda F1203 V2.0.1.6 was discovered to contain a command injection vulnerability via the mac paramet... | E | |
| CVE-2022-46539 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security_5g parameter at /g... | E | |
| CVE-2022-46540 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform... | E | |
| CVE-2022-46541 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/f... | E | |
| CVE-2022-46542 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/a... | E | |
| CVE-2022-46543 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mitInterface parameter at /... | E | |
| CVE-2022-46544 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /gofo... | E | |
| CVE-2022-46545 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/N... | E | |
| CVE-2022-46546 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform... | E | |
| CVE-2022-46547 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/V... | E | |
| CVE-2022-46548 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/D... | E | |
| CVE-2022-46549 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /gofo... | E | |
| CVE-2022-46550 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the urls parameter at /goform/s... | E | |
| CVE-2022-46551 | Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the time parameter at /goform/s... | E | |
| CVE-2022-46552 | D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulne... | E | |
| CVE-2022-46560 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46561 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46562 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46563 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46566 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46568 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46569 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46570 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overfl... | | |
| CVE-2022-46580 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the user_edit_page paramete... | E | |
| CVE-2022-46581 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.nslookup_ta... | E | |
| CVE-2022-46582 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in... | E | |
| CVE-2022-46583 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reboot_type parameter i... | E | |
| CVE-2022-46584 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%d_vap%d.ma... | E | |
| CVE-2022-46585 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTE_USER parameter i... | E | |
| CVE-2022-46586 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%d_vap%d.ma... | E | |
| CVE-2022-46588 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sys_service parameter i... | E | |
| CVE-2022-46589 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.netstat_opt... | E | |
| CVE-2022-46590 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.netstat_rsn... | E | |
| CVE-2022-46591 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reject_url parameter in... | E | |
| CVE-2022-46592 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin pa... | E | |
| CVE-2022-46593 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin pa... | E | |
| CVE-2022-46594 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the update_file_name parame... | E | |
| CVE-2022-46596 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the del_num parameter in th... | E | |
| CVE-2022-46597 | TRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the sys_se... | E | |
| CVE-2022-46598 | TRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the wps_st... | E | |
| CVE-2022-46599 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the setlogo_num parameter i... | E | |
| CVE-2022-46600 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin pa... | E | |
| CVE-2022-46601 | TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the setbg_num parameter in ... | E | |
| CVE-2022-46603 | An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted ma... | E | |
| CVE-2022-46604 | An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file exte... | | |
| CVE-2022-46609 | Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d4... | E | |
| CVE-2022-46610 | 72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload func... | E | |
| CVE-2022-46620 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-46621 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-46622 | A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to exe... | | |
| CVE-2022-46623 | Judging Management System v1.0.0 was discovered to contain a SQL injection vulnerability via the use... | E | |
| CVE-2022-46624 | A cross-site scripting (XSS) vulnerability in Online Graduate Tracer System v1.0.0 allows attackers ... | | |
| CVE-2022-46631 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v... | E | |
| CVE-2022-46634 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v... | E | |
| CVE-2022-46637 | Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP servic... | E | |
| CVE-2022-46639 | A vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers ... | | |
| CVE-2022-46640 | Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which... | | |
| CVE-2022-46641 | D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0... | E | |
| CVE-2022-46642 | D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_... | E | |
| CVE-2022-46645 | Uncontrolled resource consumption in the Intel(R) Smart Campus Android application before version 9.... | | |
| CVE-2022-46646 | Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow ... | | |
| CVE-2022-46647 | Insertion of sensitive information into log file for some Intel Unison software may allow an authent... | | |
| CVE-2022-46648 | ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ru... | S | |
| CVE-2022-46649 | Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP lo... | E | |
| CVE-2022-46650 | Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the devi... | E | |
| CVE-2022-46651 | Apache Airflow: Security vulnerability on AirFlow Connections | S | |
| CVE-2022-46655 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46656 | Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may al... | | |
| CVE-2022-46658 | CVE-2022-46658 | S | |
| CVE-2022-46660 | An unauthorized user could alter or write files with full control over the path and content of the ... | S | |
| CVE-2022-46662 | Roxio Creator LJB starts another program with an unquoted file path. Since a registered Windows serv... | | |
| CVE-2022-46663 | In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sen... | S | |
| CVE-2022-46664 | A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0), Mendix Workf... | S | |
| CVE-2022-46665 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46666 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46667 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46668 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46669 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46670 | Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack | | |
| CVE-2022-46671 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46672 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46673 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46675 | Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A u... | | |
| CVE-2022-46676 | Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious a... | | |
| CVE-2022-46677 | Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an ... | | |
| CVE-2022-46678 | Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authent... | | |
| CVE-2022-46679 | Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability... | | |
| CVE-2022-46680 | A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause di... | | |
| CVE-2022-46681 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46682 | Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external ent... | | |
| CVE-2022-46683 | Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect U... | | |
| CVE-2022-46684 | Jenkins Checkmarx Plugin 2022.3.3 and earlier does not escape values returned from the Checkmarx ser... | | |
| CVE-2022-46685 | In Jenkins Gitea Plugin 1.4.4 and earlier, the implementation of Gitea personal access tokens did no... | | |
| CVE-2022-46686 | Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property value... | | |
| CVE-2022-46687 | Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spri... | | |
| CVE-2022-46688 | A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 a... | | |
| CVE-2022-46689 | A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS M... | | |
| CVE-2022-46690 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO... | | |
| CVE-2022-46691 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safar... | | |
| CVE-2022-46692 | A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS... | | |
| CVE-2022-46693 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tv... | | |
| CVE-2022-46694 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO... | | |
| CVE-2022-46695 | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input valid... | | |
| CVE-2022-46696 | A memory corruption issue was addressed with improved input validation. This issue is fixed in Safar... | | |
| CVE-2022-46697 | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in ma... | | |
| CVE-2022-46698 | A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCl... | | |
| CVE-2022-46699 | A memory corruption issue was addressed with improved state management. This issue is fixed in Safar... | | |
| CVE-2022-46700 | A memory corruption issue was addressed with improved input validation. This issue is fixed in Safar... | | |
| CVE-2022-46701 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2... | | |
| CVE-2022-46702 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16... | | |
| CVE-2022-46703 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS... | | |
| CVE-2022-46704 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.... | | |
| CVE-2022-46705 | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input valid... | | |
| CVE-2022-46706 | A type confusion issue was addressed with improved state handling. This issue is fixed in Security U... | | |
| CVE-2022-46707 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46708 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46709 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS... | | |
| CVE-2022-46710 | A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, m... | | |
| CVE-2022-46712 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS V... | | |
| CVE-2022-46713 | A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, ... | | |
| CVE-2022-46715 | A logic issue was addressed with improved checks. This issue is fixed in iOS 16.1 and iPadOS 16. An ... | | |
| CVE-2022-46716 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.... | | |
| CVE-2022-46717 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 1... | | |
| CVE-2022-46718 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS... | | |
| CVE-2022-46719 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46720 | An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.2 an... | | |
| CVE-2022-46721 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An a... | | |
| CVE-2022-46722 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app ma... | | |
| CVE-2022-46723 | This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.1, macOS B... | | |
| CVE-2022-46724 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in i... | | |
| CVE-2022-46725 | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input valid... | | |
| CVE-2022-46727 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46728 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46729 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46732 | CVE-2022-46732 | | |
| CVE-2022-46733 | CVE-2022-46733 | S | |
| CVE-2022-46734 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46735 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46736 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46738 | CVE-2022-46738 | S | |
| CVE-2022-46739 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-46740 | There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Ro... | | |
| CVE-2022-46741 | Out-of-bounds read in gather_tree in PaddlePaddle before 2.4. ... | E S | |
| CVE-2022-46742 | Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code... | E S | |
| CVE-2022-46743 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46744 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46745 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46746 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46747 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46748 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46749 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46750 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2022-46751 | Apache Ivy: XML External Entity vulnerability in Apache Ivy | S | |
| CVE-2022-46752 | Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker ma... | | |
| CVE-2022-46753 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46754 | Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticat... | | |
| CVE-2022-46755 | Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticat... | | |
| CVE-2022-46756 | Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-priv... | | |
| CVE-2022-46761 | The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful e... | S | |
| CVE-2022-46762 | The memory management module has a logic bypass vulnerability.Successful exploitation of this vulner... | S | |
| CVE-2022-46763 | A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 allows a low-priv... | | |
| CVE-2022-46764 | A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated at... | | |
| CVE-2022-46768 | File name information disclosure vulnerability in Zabbix Web Service Report Generation | S | |
| CVE-2022-46769 | Apache Sling App CMS: XSS in CMS Site Group Detail | | |
| CVE-2022-46770 | qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to... | E S | |
| CVE-2022-46771 | IBM UrbanCode Deploy (UCD) cross-site scripting | S | |
| CVE-2022-46773 | IBM Robotic Process Automation security bypass | S | |
| CVE-2022-46774 | IBM Manage Application security bypass | M | |
| CVE-2022-46781 | An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper G... | | |
| CVE-2022-46782 | An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only l... | | |
| CVE-2022-46783 | An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are us... | | |
| CVE-2022-46784 | SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows open redirection. (The issue was orig... | | |
| CVE-2022-46785 | SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 1 of 2).... | | |
| CVE-2022-46786 | SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 2 of 2).... | | |
| CVE-2022-46787 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46788 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46789 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46790 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46791 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-46792 | Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Po... | S | |
| CVE-2022-46793 | WordPress Product Feed PRO for WooCommerce Plugin <= 12.4.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46794 | WordPress WooCommerce Weight Based Shipping Plugin <= 5.4.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46795 | WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 4.7.2 - CSRF Plugin Settings Reset vulnerability | S | |
| CVE-2022-46796 | WordPress CURCY plugin <= 2.1.25 - Unauthenticated plugin settings change vulnerability | S | |
| CVE-2022-46797 | WordPress Conversios.io Plugin <= 5.2.3 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46798 | WordPress WooLentor Plugin <= 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46799 | WordPress Easy Testimonial Slider and Form Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-46800 | WordPress LiteSpeed Cache Plugin <= 5.3 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46801 | WordPress Site Reviews Plugin <= 6.2.0 is vulnerable to CSV Injection | S | |
| CVE-2022-46802 | WordPress Product Reviews Import Export for WooCommerce Plugin <= 1.4.8 is vulnerable to CSV Injection | S | |
| CVE-2022-46803 | WordPress Noptin Plugin <= 1.9.5 is vulnerable to CSV Injection | S | |
| CVE-2022-46804 | WordPress Export Users Data Distinct Plugin <= 1.3 is vulnerable to CSV Injection | | |
| CVE-2022-46805 | WordPress Conditional Payments for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46806 | WordPress Cart All In One For WooCommerce Plugin <= 1.1.10 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46807 | WordPress Stock Sync for WooCommerce plugin <= 2.3.2 - Broken Access Control | S | |
| CVE-2022-46808 | WordPress ARMember Plugin <= 3.4.11 is vulnerable to SQL Injection | S | |
| CVE-2022-46809 | WordPress ReviewX Plugin <= 1.6.7 is vulnerable to CSV Injection | S | |
| CVE-2022-46810 | WordPress Thank You Page Customizer for WooCommerce – Increase Your Sales Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46811 | WordPress ALD Dropshipping and Fulfillment for AliExpress and WooCommerce plugin <= 1.0.21 - Broken Access Control + CSRF | S | |
| CVE-2022-46812 | WordPress Thank You Page Customizer for WooCommerce – Increase Your Sales Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46813 | WordPress Advanced Database Cleaner Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46814 | WordPress Kodex Posts likes Plugin <= 2.4.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46815 | WordPress Conditional Shipping for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46816 | WordPress Booking Ultra Pro Plugin <= 1.1.4 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46817 | WordPress Flyzoo Chat Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-46818 | WordPress Email posts to subscribers Plugin <= 6.2 is vulnerable to SQL Injection | | |
| CVE-2022-46819 | WordPress Continuous announcement scroller Plugin <= 13.0 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-46820 | WordPress Joli Table Of Contents Plugin <= 1.3.9 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46821 | WordPress Emails & Newsletters with Jackmail Plugin <= 1.2.22 is vulnerable to CSV Injection | | |
| CVE-2022-46822 | WordPress WooCommerce JazzCash Gateway Plugin Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-46823 | A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V... | S | |
| CVE-2022-46824 | In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was p... | | |
| CVE-2022-46825 | In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open proje... | | |
| CVE-2022-46826 | In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be rea... | | |
| CVE-2022-46827 | In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin... | | |
| CVE-2022-46828 | In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.... | | |
| CVE-2022-46829 | In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the hos... | | |
| CVE-2022-46830 | In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scan... | | |
| CVE-2022-46831 | In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential ... | | |
| CVE-2022-46832 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low... | | |
| CVE-2022-46833 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a lo... | | |
| CVE-2022-46834 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a lo... | | |
| CVE-2022-46835 | SailPoint IdentityIQ JavaServer File Path Traversal Vulnerability | | |
| CVE-2022-46836 | PHP code injection in watolib | E | |
| CVE-2022-46838 | WordPress JS Help Desk plugin <= 2.7.1 - Unauthenticated Settings Change Vulnerability | S | |
| CVE-2022-46839 | WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.7.1 is vulnerable to Arbitrary File Upload | S | |
| CVE-2022-46840 | WordPress JS Help Desk plugin <= 2.7.1 - Broken Access Control | S | |
| CVE-2022-46841 | WordPress Oxygen Builder Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46842 | WordPress JS Help Desk plugin <= 2.7.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46843 | WordPress Woocommerce Vietnam Checkout Plugin <= 2.0.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-46844 | WordPress PixFields Plugin <= 0.7.0 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-46846 | WordPress Trending/Popular Post Slider and Widget plugin <= 1.5.7 - Broken Access Control vulnerability | S | |
| CVE-2022-46848 | WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-46849 | WordPress Coming Soon Plugin <= 1.5.9 is vulnerable to SQL Injection | S | |
| CVE-2022-46850 | WordPress Easy Media Replace Plugin <= 0.1.3 is vulnerable to Arbitrary File Deletion | S | |
| CVE-2022-46851 | WordPress Starter Templates Plugin <= 3.1.20 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46852 | WordPress WP Table Builder – WordPress Table Plugin Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-46853 | WordPress The Post Grid Plugin <= 5.0.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46854 | WordPress Launchpad – Coming Soon & Maintenance Mode Plugin Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46855 | WordPress Responsive Pricing Table Plugin <= 5.1.6 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-46856 | WordPress Woocommerce Product Designer Plugin <= 4.3.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46857 | WordPress SiteAlert (Formerly WP Health) Plugin <= 1.9.7 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46858 | WordPress Product Specifications for Woocommerce Plugin <= 0.6.0 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-46859 | WordPress Spiffy Calendar Plugin <= 4.9.1 is vulnerable to SQL Injection | S | |
| CVE-2022-46860 | WordPress Short URL Plugin <= 1.6.4 is vulnerable to SQL Injection | S | |
| CVE-2022-46861 | WordPress Login Page Styler Plugin <= 6.2 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-46862 | WordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-46863 | WordPress Quick Event Manager Plugin <= 9.6.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-46864 | WordPress Woocommerce Custom Checkout Fields Editor With Drag & Drop Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-46865 | WordPress Bulk Resize Media Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46866 | WordPress Import External Images Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46867 | WordPress Universal Star Rating Plugin <= 2.1.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-46868 | Local privilege escalation during recovery due to improper soft link handling. The following product... | | |
| CVE-2022-46869 | Local privilege escalation during installation due to improper soft link handling. The following pro... | | |
| CVE-2022-46870 | Apache Zeppelin: Stored XSS in note permissions | | |
| CVE-2022-46871 | An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. T... | | |
| CVE-2022-46872 | An attacker who compromised a content process could have partially escaped the sandbox to read arbit... | | |
| CVE-2022-46873 | Because Firefox did not implement the unsafe-hashes CSP directive, an attacker who was ... | | |
| CVE-2022-46874 | A file with a long filename could have had its filename truncated to remove the valid extension, lea... | | |
| CVE-2022-46875 | The executable file warning was not presented when downloading .atloc and .ftploc files, which can r... | | |
| CVE-2022-46877 | By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulti... | | |
| CVE-2022-46878 | Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported ... | | |
| CVE-2022-46879 | Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Moz... | | |
| CVE-2022-46880 | A missing check related to tex units could have led to a use-after-free and potentially exploitable ... | | |
| CVE-2022-46881 | An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a ... | | |
| CVE-2022-46882 | A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnera... | | |
| CVE-2022-46883 | Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team re... | | |
| CVE-2022-46884 | A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed a... | | |
| CVE-2022-46885 | Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety ... | | |
| CVE-2022-46886 | There exists an open redirect within the response list update functionality of ServiceNow. This allo... | | |
| CVE-2022-46887 | Multiple SQL injection vulnerabilities in NexusPHP before 1.7.33 allow remote attackers to execute a... | E | |
| CVE-2022-46888 | Multiple reflective cross-site scripting (XSS) vulnerabilities in NexusPHP before 1.7.33 allow remot... | E | |
| CVE-2022-46889 | A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authen... | | |
| CVE-2022-46890 | Weak access control in NexusPHP before 1.7.33 allows a remote authenticated user to edit any post in... | E | |
| CVE-2022-46891 | An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileg... | | |
| CVE-2022-46892 | In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitia... | | |
| CVE-2022-46897 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The CapsuleIFWUSmm driver d... | | |
| CVE-2022-46898 | An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Trav... | | |
| CVE-2022-46899 | An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary... | | |
| CVE-2022-46900 | An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Trav... | | |
| CVE-2022-46901 | An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access... | | |
| CVE-2022-46902 | An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Tr... | | |
| CVE-2022-46903 | Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker t... | | |
| CVE-2022-46904 | Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker t... | | |
| CVE-2022-46905 | Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker... | | |
| CVE-2022-46906 | Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker t... | | |
| CVE-2022-46907 | Apache JSPWiki: XSS Injection points in several plugins | | |
| CVE-2022-46908 | SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not pro... | E S | |
| CVE-2022-46910 | An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up t... | | |
| CVE-2022-46912 | An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allo... | | |
| CVE-2022-46914 | An issue in the firmware update process of TP-LINK TL-WA801N / TL-WA801ND V1 v3.12.16 and earlier al... | | |
| CVE-2022-46934 | kkFileView v4.1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url p... | E | |
| CVE-2022-46945 | Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the componen... | E S | |
| CVE-2022-46946 | Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id p... | E | |
| CVE-2022-46947 | Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id p... | E | |
| CVE-2022-46949 | Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id p... | E | |
| CVE-2022-46950 | Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via ... | E | |
| CVE-2022-46951 | Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via ... | E | |
| CVE-2022-46952 | Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via ... | E | |
| CVE-2022-46953 | Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via ... | E | |
| CVE-2022-46954 | Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via ... | | |
| CVE-2022-46955 | Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via ... | | |
| CVE-2022-46956 | Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via ... | E | |
| CVE-2022-46957 | Sourcecodester.com Online Graduate Tracer System V 1.0.0 is vulnerable to Cross Site Scripting (XSS)... | | |
| CVE-2022-46959 | An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a dire... | E S | |
| CVE-2022-46965 | PrestaShop module, totadministrativemandate before v1.7.1 was discovered to contain a SQL injection ... | E | |
| CVE-2022-46966 | Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php.... | E | |
| CVE-2022-46967 | An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view t... | | |
| CVE-2022-46968 | A stored cross-site scripting (XSS) vulnerability in /index.php?page=help of Revenue Collection Syst... | E | |
| CVE-2022-46973 | Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability.... | E | |
| CVE-2022-46996 | vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code exe... | E | |
| CVE-2022-46997 | Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution ... | E | |
| CVE-2022-46998 | An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Reques... | E | |
| CVE-2022-46999 | Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability via the component \App\Manage... | E |