| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2022-47002 | A vulnerability in the Remember Me function of Masa CMS v7.2, 7.3, and 7.4-beta allows attackers to ... | E | |
| CVE-2022-47003 | A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass ... | S | |
| CVE-2022-47007 | An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows ... | E | |
| CVE-2022-47008 | An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2... | E | |
| CVE-2022-47010 | An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows atta... | E | |
| CVE-2022-47011 | An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, all... | E | |
| CVE-2022-47012 | Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21.... | E | |
| CVE-2022-47015 | MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for fun... | S | |
| CVE-2022-47016 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-47021 | A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c ... | E S | |
| CVE-2022-47022 | An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or oth... | E | |
| CVE-2022-47024 | A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c ... | S | |
| CVE-2022-47027 | Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary files... | E | |
| CVE-2022-47028 | An issue discovered in Action Launcher for Android v50.5 allows an attacker to cause a denial of ser... | E | |
| CVE-2022-47029 | An issue was found in Action Launcher v50.5 allows an attacker to escalate privilege via modificatio... | E | |
| CVE-2022-47034 | A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows att... | S | |
| CVE-2022-47035 | Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker t... | S | |
| CVE-2022-47036 | Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been ... | | |
| CVE-2022-47037 | Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated crede... | E | |
| CVE-2022-47040 | An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows attackers to escalate pri... | E | |
| CVE-2022-47042 | MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the compo... | E | |
| CVE-2022-47052 | The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injecti... | E | |
| CVE-2022-47053 | An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v... | | |
| CVE-2022-47065 | TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to cont... | E | |
| CVE-2022-47069 | p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive... | E | |
| CVE-2022-47070 | NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will ... | E | |
| CVE-2022-47071 | In NVS365 V01, the background network test function can trigger command execution.... | E | |
| CVE-2022-47072 | SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitra... | E | |
| CVE-2022-47073 | A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attack... | | |
| CVE-2022-47075 | An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive... | E | |
| CVE-2022-47076 | An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive inf... | E | |
| CVE-2022-47083 | A PHP Object Injection vulnerability in the unserialize() function Spitfire CMS v1.0.475 allows auth... | E | |
| CVE-2022-47085 | An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or oth... | E S | |
| CVE-2022-47086 | GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load... | E | |
| CVE-2022-47087 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function ... | E | |
| CVE-2022-47088 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow.... | E | |
| CVE-2022-47089 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_intern... | E | |
| CVE-2022-47090 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gf_vvc_read_pps_bs_internal func... | | |
| CVE-2022-47091 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub functi... | E | |
| CVE-2022-47092 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is contains an Integer overflow vulnerability in gf_hevc_read_... | E | |
| CVE-2022-47093 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:47... | E | |
| CVE-2022-47094 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts... | E | |
| CVE-2022-47095 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension f... | E | |
| CVE-2022-47100 | A vulnerability in Sengled Smart bulb 0x0000024 allows attackers to arbitrarily perform a factory re... | E | |
| CVE-2022-47102 | A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows at... | E | |
| CVE-2022-47105 | Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component /sys/dic... | E S | |
| CVE-2022-47111 | 7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserve... | | |
| CVE-2022-47112 | 7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserv... | | |
| CVE-2022-47115 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepauth parameter at /gofo... | E | |
| CVE-2022-47116 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform... | E | |
| CVE-2022-47117 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security parameter at /gof... | E | |
| CVE-2022-47118 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey1 parameter at /gofo... | E | |
| CVE-2022-47119 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the ssid parameter at /goform/... | E | |
| CVE-2022-47120 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security_5g parameter at /... | E | |
| CVE-2022-47121 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey parameter at /gofor... | E | |
| CVE-2022-47122 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd_5g parameter at /go... | E | |
| CVE-2022-47123 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey3 parameter at /gofo... | E | |
| CVE-2022-47124 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey4 parameter at /gofo... | E | |
| CVE-2022-47125 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlEn_5g parameter at /gof... | E | |
| CVE-2022-47126 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlEn parameter at /goform... | E | |
| CVE-2022-47127 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd parameter at /gofor... | E | |
| CVE-2022-47128 | Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey2 parameter at /gofo... | E | |
| CVE-2022-47129 | PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability.... | | |
| CVE-2022-47130 | A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows a discount coupon to be arbit... | E | |
| CVE-2022-47131 | A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily cr... | E | |
| CVE-2022-47132 | A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add ... | | |
| CVE-2022-47134 | WordPress Gallery Metabox Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47135 | WordPress Chronoforms Plugin <= 7.0.9 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47136 | WordPress Ninja Tables Plugin <= 4.3.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47137 | WordPress Ninja Tables Plugin <= 4.3.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47138 | WordPress LOGIN AND REGISTRATION ATTEMPTS LIMIT Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47139 | WordPress WP Basic Elements Plugin <= 5.2.15 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47140 | WordPress ARMember Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47141 | WordPress WP Dynamic Keywords Injector Plugin <= 2.3.15 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47142 | WordPress Mediamatic – Media Library Folders Plugin <= 2.8.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47143 | WordPress Multiple Page Generator Plugin – MPG Plugin <= 3.3.9 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47144 | WordPress Mediamatic – Media Library Folders Plugin <= 2.8.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47145 | WordPress Blockonomics Plugin <= 3.5.7 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47146 | WordPress Real Estate 7 Theme <= 3.3.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47147 | WordPress ipBlockList Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47148 | WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47149 | WordPress Shortlinks by Pretty Links Plugin <= 3.4.0 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47151 | WordPress JS Help Desk plugin <= 2.7.1 - Unauth. SQL Injection Vulnerability | S | |
| CVE-2022-47152 | WordPress clickfunnels Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47153 | WordPress Jobeleon theme <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2022-47154 | WordPress CSS JS Manager Plugin <= 2.4.49 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47155 | WordPress Slider by Supsystic Plugin <= 1.8.5 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47157 | WordPress WP Custom Fields Search Plugin <= 1.2.34 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47158 | WordPress alfred24 Click & Collect Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47159 | WordPress Logaster Logo Generator Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47160 | WordPress Wp Social Plugin <= 1.9.0 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2022-47161 | WordPress Health Check & Troubleshooting Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47162 | WordPress DH – Anti AdBlocker Plugin <= 36 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47163 | WordPress WP CSV to Database Plugin <= 2.6 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47164 | WordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47165 | WordPress CoSchedule Plugin <= 3.3.8 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47166 | WordPress Void Contact Form 7 Widget For Elementor Page Builder Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47167 | WordPress Crayon Syntax Highlighter Plugin <= 2.8.4 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47168 | WordPress Printful Integration for WooCommerce plugin <= 2.2.3 - Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47169 | WordPress Visibility Logic for Elementor Plugin <= 2.3.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47170 | WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.48 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47171 | WordPress IP Vault – WP Firewall Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47172 | WordPress WooLentor Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47173 | WordPress Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration Plugin <= 1.62.0 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47174 | WordPress Performance Lab Plugin <= 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47175 | WordPress Royal Elementor Addons Plugin <= 1.3.75 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47176 | WordPress Depicter Slider plugin <= 1.9.0 - Broken Access Control vulnerability | S | |
| CVE-2022-47177 | WordPress WP EasyPay Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47178 | WordPress Simple Share Buttons Adder Plugin <= 8.4.7 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47179 | WordPress OWM Weather Plugin <= 5.6.11 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47180 | WordPress Kopa Framework Plugin <= 1.3.5 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47181 | WordPress Email Templates Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47182 | WordPress APIExperts Square for WooCommerce plugin <= 4.4.1 - Broken Access Control | S | |
| CVE-2022-47183 | WordPress Extra Block Design, Style, CSS for ANY Gutenberg Blocks Plugin <= 0.2.6 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47184 | Apache Traffic Server: The TRACE method can be use to disclose network information | | |
| CVE-2022-47185 | Apache Traffic Server: Invalid Range header causes a crash | | |
| CVE-2022-47186 | Unrestricted Upload of File vulnerability in Generex CS141 | S | |
| CVE-2022-47187 | File upload XSS vulnerability in Generex CS141 | S | |
| CVE-2022-47188 | Improper Input Validation in Generex CS141 | S | |
| CVE-2022-47189 | DoS via file upload vulnerability at Generex CS141 | S | |
| CVE-2022-47190 | RCE via file upload vulnerability in Generex CS141 | S | |
| CVE-2022-47191 | Privilege Escalation via file upload vulnerability at Generex CS141 | S | |
| CVE-2022-47192 | Admin password reset via file upload vulnerability in Generex CS141 | S | |
| CVE-2022-47194 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghos... | E | |
| CVE-2022-47195 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghos... | E | |
| CVE-2022-47196 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghos... | E | |
| CVE-2022-47197 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghos... | E | |
| CVE-2022-47208 | The “puhttpsniff” service, which runs by default, is susceptible to command injection due to imprope... | | |
| CVE-2022-47209 | A support user exists on the device and appears to be a backdoor for Technical Support staff. The de... | E S | |
| CVE-2022-47210 | The default console presented to users over telnet (when enabled) is restricted to a subset of comma... | E S | |
| CVE-2022-47211 | Microsoft Office Graphics Remote Code Execution Vulnerability | S | |
| CVE-2022-47212 | Microsoft Office Graphics Remote Code Execution Vulnerability | | |
| CVE-2022-47213 | Microsoft Office Graphics Remote Code Execution Vulnerability | | |
| CVE-2022-47311 | CVE-2022-47311 | S | |
| CVE-2022-47317 | Out-of-bounds write vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtai... | | |
| CVE-2022-47318 | ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ru... | S | |
| CVE-2022-47320 | CVE-2022-47320 | S | |
| CVE-2022-47322 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47323 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47324 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47325 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47326 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47327 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47328 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47329 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47330 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47331 | In wlan driver, there is a race condition. This could lead to local denial of service in wlan servic... | | |
| CVE-2022-47332 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47333 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47334 | In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This cou... | | |
| CVE-2022-47335 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47336 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47337 | In media service, there is a missing permission check. This could lead to local denial of service in... | | |
| CVE-2022-47338 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47339 | In cmd services, there is a OS command injection issue due to missing permission check. This could l... | | |
| CVE-2022-47340 | In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This ... | | |
| CVE-2022-47341 | In engineermode services, there is a missing permission check. This could lead to local escalation o... | | |
| CVE-2022-47342 | In engineermode services, there is a missing permission check. This could lead to local denial of se... | | |
| CVE-2022-47343 | In engineermode services, there is a missing permission check. This could lead to local denial of se... | | |
| CVE-2022-47344 | In engineermode services, there is a missing permission check. This could lead to local denial of se... | | |
| CVE-2022-47345 | In engineermode services, there is a missing permission check. This could lead to local denial of se... | | |
| CVE-2022-47346 | In engineermode services, there is a missing permission check. This could lead to local denial of se... | | |
| CVE-2022-47347 | In engineermode services, there is a missing permission check. This could lead to local denial of se... | | |
| CVE-2022-47348 | In engineermode services, there is a missing permission check. This could lead to local denial of se... | | |
| CVE-2022-47350 | In camera driver, there is a possible out of bounds read due to a missing bounds check. This could l... | | |
| CVE-2022-47351 | In camera driver, there is a possible out of bounds read due to a missing bounds check. This could l... | | |
| CVE-2022-47352 | In camera driver, there is a possible out of bounds read due to a missing bounds check. This could l... | | |
| CVE-2022-47353 | In vdsp device, there is a possible system crash due to improper input validation.This could lead to... | | |
| CVE-2022-47354 | In log service, there is a missing permission check. This could lead to local denial of service in l... | | |
| CVE-2022-47355 | In log service, there is a missing permission check. This could lead to local denial of service in l... | | |
| CVE-2022-47356 | In log service, there is a missing permission check. This could lead to local denial of service in l... | | |
| CVE-2022-47357 | In log service, there is a missing permission check. This could lead to local denial of service in l... | | |
| CVE-2022-47358 | In log service, there is a missing permission check. This could lead to local denial of service in l... | | |
| CVE-2022-47359 | In log service, there is a missing permission check. This could lead to local denial of service in l... | | |
| CVE-2022-47360 | In log service, there is a missing permission check. This could lead to local denial of service in l... | | |
| CVE-2022-47361 | In firewall service, there is a missing permission check. This could lead to local escalation of pri... | | |
| CVE-2022-47362 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47363 | In wlan driver, there is a possible out of bounds read due to a missing bounds check. This could lea... | | |
| CVE-2022-47364 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
| CVE-2022-47365 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
| CVE-2022-47366 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
| CVE-2022-47367 | In bluetooth driver, there is a missing permission check. This could lead to local information discl... | | |
| CVE-2022-47368 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47369 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47370 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47371 | In bt driver, there is a thread competition leads to early release of resources to be accessed. This... | | |
| CVE-2022-47372 | Stored cross-site scripting vulnerability in create event section | S | |
| CVE-2022-47373 | Reflected Cross Site Scripting in Search Functionality of Module Library | S | |
| CVE-2022-47374 | A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 41... | | |
| CVE-2022-47375 | A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 41... | | |
| CVE-2022-47376 | The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password afte... | | |
| CVE-2022-47377 | Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 a... | | |
| CVE-2022-47378 | CODESYS: Multiple products prone to Improper Input Validation | | |
| CVE-2022-47379 | CODESYS: Multiple products prone to out-of-bounds write | | |
| CVE-2022-47380 | CODESYS: Multiple products prone to out-of-bounds write | | |
| CVE-2022-47381 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47382 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47383 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47384 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47385 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47386 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47387 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47388 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47389 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47390 | CODESYS: Multiple products prone to stack based out-of-bounds write | | |
| CVE-2022-47391 | CODESYS: Multiple products prone to Improper Input Validation | | |
| CVE-2022-47392 | CODESYS: Multiple products prone to Improper Input Validation | | |
| CVE-2022-47393 | CODESYS: Multiple products prone to improperly restricted memory operations | | |
| CVE-2022-47395 | CVE-2022-47395 | S | |
| CVE-2022-47396 | Rejected reason: Not used... | R | |
| CVE-2022-47397 | Rejected reason: Not used... | R | |
| CVE-2022-47398 | Rejected reason: Not used... | R | |
| CVE-2022-47399 | Rejected reason: Not used... | R | |
| CVE-2022-47400 | Rejected reason: Not used... | R | |
| CVE-2022-47401 | Rejected reason: Not used... | R | |
| CVE-2022-47402 | Rejected reason: Not used... | R | |
| CVE-2022-47403 | Rejected reason: Not used... | R | |
| CVE-2022-47404 | Rejected reason: Not used... | R | |
| CVE-2022-47405 | Rejected reason: Not used... | R | |
| CVE-2022-47406 | An issue was discovered in the fe_change_pwd (aka Change password for frontend users) extension befo... | S | |
| CVE-2022-47407 | An issue was discovered in the fp_masterquiz (aka Master-Quiz) extension before 2.2.1, and 3.x befor... | S | |
| CVE-2022-47408 | An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before... | S | |
| CVE-2022-47409 | An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before... | S | |
| CVE-2022-47410 | An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before... | S | |
| CVE-2022-47411 | An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before... | S | |
| CVE-2022-47412 | ONLYOFFICE Workspace Search Stored XSS | E M | |
| CVE-2022-47413 | Given a malicious document provided by an attacker, the OpenKM DMS is vulnerable to a stored (persi... | E | |
| CVE-2022-47414 | If an attacker has access to the console for OpenKM (and is authenticated), a stored XSS vulnerabil... | E | |
| CVE-2022-47415 | LogicalDOC Messaging Stored XSS | E | |
| CVE-2022-47416 | LogicalDOC Chat Stored XSS | E | |
| CVE-2022-47417 | LogicalDOC Document File Name Stored XSS | E | |
| CVE-2022-47418 | LogicalDOC Document Version Comment Stored XSS | E | |
| CVE-2022-47419 | Mayan EDMS Tag XSS | E | |
| CVE-2022-47420 | WordPress Accessibility Suite by Online ADA Plugin <= 4.12 is vulnerable to SQL Injection | S | |
| CVE-2022-47421 | WordPress ARMember (free) and ARMember (premium) plugins - vulnerable to Auth. Stored Cross Site Scripting (XSS) | S | |
| CVE-2022-47422 | WordPress WordPress Stripe Donation and Payment Plugin Plugin <= 3.1.5 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47423 | WordPress WP-dTree Plugin <= 4.4.5 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47424 | WordPress ARMember plugin <= 4.0.5 - Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47426 | WordPress Neshan Maps Plugin <= 1.1.4 is vulnerable to SQL Injection | | |
| CVE-2022-47427 | WordPress My Calendar Plugin <= 3.3.24.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47428 | WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.7 is vulnerable to SQL Injection | S | |
| CVE-2022-47429 | WordPress Coming Soon Landing Page and Maintenance Mode WordPress Plugin plugin <= 2.2.0 - Broken Access Control | | |
| CVE-2022-47430 | WordPress The School Management – Education & Learning Management Plugin <= 4.1 is vulnerable to SQL Injection | S | |
| CVE-2022-47431 | WordPress Open RDW kenteken voertuiginformatie Plugin <= 2.0.14 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47432 | WordPress Shortcode IMDB Plugin <= 6.0.8 is vulnerable to SQL Injection | | |
| CVE-2022-47433 | WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47434 | WordPress PB SEO Friendly Images Plugin <= 4.0.5 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47435 | WordPress WP-OliveCart Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47436 | WordPress Yatra Plugin <= 2.1.14 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47437 | WordPress WSB Brands Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47438 | WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47439 | WordPress Open Graphite Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47440 | WordPress My Tickets Plugin <= 1.9.10 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47441 | WordPress Charitable Plugin <= 1.7.0.10 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47442 | WordPress UsersWP Plugin <= 1.2.3.9 is vulnerable to CSV Injection | S | |
| CVE-2022-47443 | WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47444 | WordPress ProfilePress Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47445 | WordPress Be POPIA Compliant Plugin <= 1.2.0 is vulnerable to SQL Injection | | |
| CVE-2022-47446 | WordPress Store Locator Plugin <= 3.98.7 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47447 | WordPress WP-Advanced-Search Plugin <= 3.3.8 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47448 | WordPress xili-tidy-tags Plugin <= 1.12.03 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47449 | WordPress Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47450 | In wlan driver, there is a possible missing permission check. This could lead to local information d... | | |
| CVE-2022-47451 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47452 | In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
| CVE-2022-47453 | In wcn service, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47454 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47455 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47456 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47457 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47458 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47459 | In wlan driver, there is a possible missing params check. This could lead to local denial of service... | | |
| CVE-2022-47460 | In gpu device, there is a memory corruption due to a use after free. This could lead to local denial... | | |
| CVE-2022-47461 | In telephone service, there is a missing permission check. This could lead to local escalation of pr... | | |
| CVE-2022-47462 | In telephone service, there is a missing permission check. This could lead to local escalation of pr... | | |
| CVE-2022-47463 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47464 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47465 | In vdsp service, there is a missing permission check. This could lead to local denial of service in ... | | |
| CVE-2022-47466 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47467 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47468 | In telecom service, there is a missing permission check. This could lead to local denial of service ... | | |
| CVE-2022-47469 | In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This c... | | |
| CVE-2022-47470 | In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This c... | | |
| CVE-2022-47471 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47472 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47473 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47474 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47475 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47476 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47477 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47478 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47479 | In telephony service, there is a missing permission check. This could lead to local information disc... | | |
| CVE-2022-47480 | In telephony service, there is a missing permission check. This could lead to local denial of servic... | | |
| CVE-2022-47481 | In telephony service, there is a missing permission check. This could lead to local denial of servic... | | |
| CVE-2022-47482 | In telephony service, there is a missing permission check. This could lead to local denial of servic... | | |
| CVE-2022-47483 | In telephony service, there is a missing permission check. This could lead to local denial of servic... | | |
| CVE-2022-47484 | In telephony service, there is a missing permission check. This could lead to local denial of servic... | | |
| CVE-2022-47485 | In modem control device, there is a possible out of bounds write due to a missing bounds check. This... | | |
| CVE-2022-47486 | In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This c... | | |
| CVE-2022-47487 | In thermal service, there is a possible out of bounds write due to a missing bounds check. This coul... | | |
| CVE-2022-47488 | In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
| CVE-2022-47489 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47490 | In soter service, there is a possible missing permission check. This could lead to local denial of s... | | |
| CVE-2022-47491 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47492 | In soter service, there is a possible missing permission check. This could lead to local denial of s... | | |
| CVE-2022-47493 | In soter service, there is a possible missing permission check. This could lead to local denial of s... | | |
| CVE-2022-47494 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47495 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47496 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47497 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47498 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47499 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could ... | | |
| CVE-2022-47500 | Apache Helix: Open redirect | | |
| CVE-2022-47501 | Apache OFBiz: Arbitrary file reading vulnerability | S | |
| CVE-2022-47502 | Apache OpenOffice: Macro URL arbitrary script execution | | |
| CVE-2022-47503 | SolarWinds Platform Deserialization of Untrusted Data Vulnerability | S | |
| CVE-2022-47504 | SolarWinds Platform Deserialization of Untrusted Data Vulnerability | S | |
| CVE-2022-47505 | SolarWinds Platform Local Privilege Escalation Vulnerability | S | |
| CVE-2022-47506 | SolarWinds Platform Directory Traversal Vulnerability | S | |
| CVE-2022-47507 | SolarWinds Platform Deserialization of Untrusted Data Vulnerability | S | |
| CVE-2022-47508 | Disable NTLM: SAM 2022.4 | S | |
| CVE-2022-47509 | SolarWinds Platform Incorrect Input Neutralization Vulnerability | S | |
| CVE-2022-47512 | Sensitive Data Disclosure Vulnerability | S | |
| CVE-2022-47514 | An XML external entity (XXE) injection vulnerability in XML-RPC.NET before 2.5.0 allows remote authe... | E | |
| CVE-2022-47515 | An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a deni... | E S | |
| CVE-2022-47516 | An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote ... | E S | |
| CVE-2022-47517 | An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. It allows remote ... | E S | |
| CVE-2022-47518 | An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of chann... | S | |
| CVE-2022-47519 | An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_... | S | |
| CVE-2022-47520 | An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/... | S | |
| CVE-2022-47521 | An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_... | S | |
| CVE-2022-47522 | The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (p... | E | |
| CVE-2022-47523 | Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 bef... | S | |
| CVE-2022-47524 | F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.... | | |
| CVE-2022-47525 | Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet... | | |
| CVE-2022-47526 | Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultan... | | |
| CVE-2022-47529 | Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allo... | E | |
| CVE-2022-47531 | An issue was discovered in Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25 and 2.x be... | | |
| CVE-2022-47532 | FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users§ion=cpanel&pag... | E | |
| CVE-2022-47542 | Red Gate SQL Monitor 11.0.14 through 12.1.46 has Incorrect Access Control, exploitable remotely for ... | | |
| CVE-2022-47543 | An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects... | | |
| CVE-2022-47544 | An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insuffic... | | |
| CVE-2022-47547 | GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be... | E | |
| CVE-2022-47549 | An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Executio... | E | |
| CVE-2022-47551 | Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Mana... | | |
| CVE-2022-47553 | Improper Authorization in Ormazabal products | S | |
| CVE-2022-47554 | Exposure of Sensitive Information in Ormazabal products | S | |
| CVE-2022-47555 | Improper Neutralization of Special Elements in Ormazabal products | S | |
| CVE-2022-47556 | Uncontrolled Resource Consumption in Ormazabal products | S | |
| CVE-2022-47557 | Use of Password Hash With Insufficient Computational Effort in Ormazabal products | S | |
| CVE-2022-47558 | Improper Access Control in Ormazabal products | S | |
| CVE-2022-47559 | Cross-Site Request Forgery in Ormazabal products | S | |
| CVE-2022-47560 | Cleartext Transmission of Sensitive Information in Ormazabal products | S | |
| CVE-2022-47561 | Unprotected Storage of Credentials in Ormazabal products | S | |
| CVE-2022-47562 | Allocation of Resources Without Limits or Throttling in Ormazabal products | S | |
| CVE-2022-47577 | An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10... | E | |
| CVE-2022-47578 | An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10... | E | |
| CVE-2022-47581 | Isode M-Vault 16.0v0 through 17.x before 17.0v24 can crash upon an LDAP v1 bind request.... | | |
| CVE-2022-47583 | Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to th... | E | |
| CVE-2022-47586 | WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.1.23 is vulnerable to SQL Injection | S | |
| CVE-2022-47587 | WordPress WP Search Analytics Plugin <= 1.4.5 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47588 | WordPress Simple Photo Gallery Plugin <= v1.8.1 is vulnerable to SQL Injection | | |
| CVE-2022-47589 | WordPress CTT Expresso para WooCommerce Plugin <= 3.2.11 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47590 | WordPress Maintenance Switch Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47591 | WordPress Map Multi Marker Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47592 | WordPress MagicForm Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47593 | WordPress RapidLoad Power-Up for Autoptimize Plugin <= 1.6.35 is vulnerable to SQL Injection | S | |
| CVE-2022-47594 | WordPress Essential Blocks for Gutenberg plugin <= 3.8.5 - Broken Access Control | S | |
| CVE-2022-47595 | WordPress WP Google Maps Plugin <= 9.0.15 is vulnerable to Path Traversal | S | |
| CVE-2022-47596 | WordPress Media Library Categories Plugin <= 1.9.9 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47597 | WordPress Popup Maker Plugin <= 1.17.1 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2022-47598 | WordPress WP Super Popup Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47599 | WordPress File Manager Plugin <= 5.2.7 is vulnerable to PHP Object Injection | S | |
| CVE-2022-47600 | WordPress Mass Email To users Plugin <= 1.1.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47601 | WordPress WP Table Manager plugin <= 3.5.2 - Broken Access Control | S | |
| CVE-2022-47602 | WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47603 | WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47604 | WordPress AJAX Thumbnail Rebuild plugin <= 1.13 - Broken Access Control vulnerability | S | |
| CVE-2022-47605 | WordPress Custom 404 Pro Plugin <= 3.7.0 is vulnerable to SQL Injection (SQLi) | S | |
| CVE-2022-47606 | WordPress WP-CORS Plugin <= 0.2.1 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2022-47607 | WordPress Usersnap Plugin <= 4.16 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47608 | WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47609 | WordPress DNUI Plugin <= 2.8.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47610 | WordPress Simple Image Popup Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47611 | WordPress Hover Image Plugin <= 1.4.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2022-47612 | WordPress Participants Database Plugin <= 2.4.5 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-47613 | WordPress AI ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-47614 | WordPress MStore API Plugin <= 3.9.7 is vulnerable to SQL Injection | S | |
| CVE-2022-47615 | WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to Local File Inclusion | E S | |
| CVE-2022-47616 | Hitron Technologies Inc. CODA-5310 - Remote Command Execution | S | |
| CVE-2022-47617 | Hitron Technologies Inc. CODA-5310 - Hard-coded Cryptographic Key | S | |
| CVE-2022-47618 | Merit Lilin Ent. Co., Ltd. AH55B04 & AH55B08 DVR - Hard-coded Credentials | S | |
| CVE-2022-47629 | Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.... | S | |
| CVE-2022-47630 | Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certif... | S | |
| CVE-2022-47631 | Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path... | E | |
| CVE-2022-47632 | Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path,... | E M | |
| CVE-2022-47633 | An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious ima... | S | |
| CVE-2022-47634 | M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrativ... | | |
| CVE-2022-47635 | Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows ... | | |
| CVE-2022-47636 | A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 617... | E | |
| CVE-2022-47637 | The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common ... | E | |
| CVE-2022-47648 | An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 ... | | |
| CVE-2022-47653 | GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels funct... | E | |
| CVE-2022-47654 | GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_intern... | E S | |
| CVE-2022-47655 | Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback | E | |
| CVE-2022-47656 | GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_intern... | E S | |
| CVE-2022-47657 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_ex... | E S | |
| CVE-2022-47658 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_... | E S | |
| CVE-2022-47659 | GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data... | E S | |
| CVE-2022-47660 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c... | E S | |
| CVE-2022-47661 | GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:... | E S | |
| CVE-2022-47662 | GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursio... | E S | |
| CVE-2022-47663 | GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/re... | E S | |
| CVE-2022-47664 | Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse... | E S | |
| CVE-2022-47665 | Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, in... | E S | |
| CVE-2022-47673 | An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple... | E | |
| CVE-2022-47695 | An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service... | E | |
| CVE-2022-47696 | An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service... | E | |
| CVE-2022-47697 | COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 an... | | |
| CVE-2022-47698 | COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is... | | |
| CVE-2022-47699 | COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is... | | |
| CVE-2022-47700 | COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 an... | | |
| CVE-2022-47701 | COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is... | | |
| CVE-2022-47703 | TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5.0_LC... | E | |
| CVE-2022-47714 | Last Yard 22.09.8-1 does not enforce HSTS headers... | E | |
| CVE-2022-47715 | In Last Yard 22.09.8-1, the cookie can be stolen via via unencrypted traffic.... | E | |
| CVE-2022-47717 | Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing (CORS).... | E | |
| CVE-2022-47732 | In Yeastar N412 and N824 Configuration Panel 42.x and 45.x, an unauthenticated attacker can create b... | E | |
| CVE-2022-47740 | Seltmann GmbH Content Management System 6 is vulnerable to SQL Injection via /index.php.... | E | |
| CVE-2022-47745 | ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can co... | E | |
| CVE-2022-47747 | kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs.... | E | |
| CVE-2022-47757 | In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can for... | | |
| CVE-2022-47758 | Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitr... | E | |
| CVE-2022-47762 | In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.... | E | |
| CVE-2022-47766 | PopojiCMS v2.0.1 backend plugin function has a file upload vulnerability.... | E | |
| CVE-2022-47767 | A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administra... | E | |
| CVE-2022-47768 | Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal.... | E | |
| CVE-2022-47769 | An arbitrary file write vulnerability in Serenissima Informatica Fast Checkin v1.0 allows unauthenti... | E | |
| CVE-2022-47770 | Serenissima Informatica Fast Checkin version v1.0 is vulnerable to Unauthenticated SQL Injection.... | E | |
| CVE-2022-47780 | SQL Injection vulnerability in Bangresto 1.0 via the itemID parameter.... | E | |
| CVE-2022-47790 | Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/i... | E | |
| CVE-2022-47848 | An issue was discovered in Bezeq Vtech NB403-IL version BZ_2.02.07.09.13.01 and Vtech IAD604-IL vers... | E | |
| CVE-2022-47853 | TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd... | E | |
| CVE-2022-47854 | i-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php.... | E | |
| CVE-2022-47859 | Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePasswo... | E | |
| CVE-2022-47860 | Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php... | E | |
| CVE-2022-47861 | Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php.... | E | |
| CVE-2022-47862 | Lead Management System v1.0 is vulnerable to SQL Injection via the customer_id parameter in ajax_rep... | E | |
| CVE-2022-47864 | Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.... | E | |
| CVE-2022-47865 | Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php.... | E | |
| CVE-2022-47866 | Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php.... | E | |
| CVE-2022-47870 | A Cross Site Scripting (XSS) vulnerability in the web SQL monitor login page in Redgate SQL Monitor ... | E | |
| CVE-2022-47872 | A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the appli... | E | |
| CVE-2022-47873 | Netcad KEOS 1.0 is vulnerable to XML External Entity (XXE) resulting in SSRF with XXE (remote).... | | |
| CVE-2022-47874 | Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to... | E | |
| CVE-2022-47875 | A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authe... | E | |
| CVE-2022-47876 | The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to exec... | E | |
| CVE-2022-47877 | A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to ... | E | |
| CVE-2022-47878 | Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allow... | E | |
| CVE-2022-47879 | A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authentic... | E | |
| CVE-2022-47880 | An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, au... | E | |
| CVE-2022-47881 | Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability.... | | |
| CVE-2022-47891 | Admin password reset in NetMan 204 | | |
| CVE-2022-47892 | Information disclosure in NetMan 204 | | |
| CVE-2022-47893 | NetMan 204 Remote Code Execution | | |
| CVE-2022-47894 | Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE | S | |
| CVE-2022-47895 | In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to ... | | |
| CVE-2022-47896 | In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.... | | |
| CVE-2022-47908 | Stack-based buffer overflow vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker ... | | |
| CVE-2022-47909 | LQL Injection in Livestatus HTTP headers | E | |
| CVE-2022-47911 | CVE-2022-47911 | S | |
| CVE-2022-47914 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-47915 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An a... | | |
| CVE-2022-47917 | CVE-2022-47917 | S | |
| CVE-2022-47924 | Arbitrary Code Execution using the validate function of csaf-validator-lib | | |
| CVE-2022-47925 | Insufficient Input Validation in the Endpoint of the csaf-validator-service | | |
| CVE-2022-47926 | AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php... | E | |
| CVE-2022-47927 | An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x ... | E S | |
| CVE-2022-47928 | In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.... | S | |
| CVE-2022-47929 | In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem al... | E S | |
| CVE-2022-47930 | An issue was discovered in IO FinNet tss-lib before 2.0.0. The parameter ssid for defining a session... | | |
| CVE-2022-47931 | IO FinNet tss-lib before 2.0.0 allows a collision of hash values.... | S | |
| CVE-2022-47932 | Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HT... | E S | |
| CVE-2022-47933 | Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HT... | E S | |
| CVE-2022-47934 | Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and g... | E S | |
| CVE-2022-47935 | A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All version... | S | |
| CVE-2022-47936 | A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All version... | | |
| CVE-2022-47937 | Multiple parsing problems in the Apache Sling Commons JSON module | | |
| CVE-2022-47938 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2m... | S | |
| CVE-2022-47939 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2p... | S | |
| CVE-2022-47940 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2... | S | |
| CVE-2022-47941 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2p... | S | |
| CVE-2022-47942 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a hea... | S | |
| CVE-2022-47943 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an ou... | S | |
| CVE-2022-47945 | ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the languag... | E S | |
| CVE-2022-47946 | An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wa... | E S | |
| CVE-2022-47949 | The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other pr... | E | |
| CVE-2022-47950 | An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By suppl... | E S | |
| CVE-2022-47951 | An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance be... | E S | |
| CVE-2022-47952 | lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer wheth... | | |
| CVE-2022-47965 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An a... | | |
| CVE-2022-47966 | Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote... | KEV E S | |
| CVE-2022-47967 | A vulnerability has been identified in Solid Edge (All versions < V2023 MP1). The DOCMGMT.DLL contai... | M | |
| CVE-2022-47968 | Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS via "Application name" ... | E | |
| CVE-2022-47974 | The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation ... | S | |
| CVE-2022-47975 | The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may ... | S | |
| CVE-2022-47976 | The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control con... | S | |
| CVE-2022-47977 | A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All version... | | |
| CVE-2022-47983 | IBM InfoSphere Information Server cross-site scripting | S | |
| CVE-2022-47984 | IBM InfoSphere Information Server SQL injection | S | |
| CVE-2022-47986 | IBM Aspera Faspex code execution | KEV S | |
| CVE-2022-47990 | IBM AIX denial of service | S |