CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In January 2022

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2022-24266 89 Sql 2022-01-31 2022-02-03
7.8
None Remote Low Not required Complete None None
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the order_by parameter.
2 CVE-2022-24265 89 Sql 2022-01-31 2022-02-03
7.8
None Remote Low Not required Complete None None
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter.
3 CVE-2022-24264 89 Sql 2022-01-31 2022-02-03
7.8
None Remote Low Not required Complete None None
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the search_word parameter.
4 CVE-2022-24263 89 Sql 2022-01-31 2022-02-11
7.5
None Remote Low Not required Partial Partial Partial
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
5 CVE-2022-24130 120 Overflow 2022-01-31 2022-08-19
2.6
None Remote High Not required None None Partial
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.
6 CVE-2022-24124 89 Sql 2022-01-29 2022-04-05
5.0
None Remote Low Not required Partial None None
The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations.
7 CVE-2022-24123 79 Exec Code XSS 2022-01-29 2022-02-04
6.8
None Remote Medium Not required Partial Partial Partial
MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This could lead to Remote Code Execution via a .md file containing a mutation Cross-Site Scripting (XSS) payload.
8 CVE-2022-24122 416 2022-01-29 2022-04-01
6.9
None Local Medium Not required Complete Complete Complete
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
9 CVE-2022-24071 2022-01-28 2022-02-02
4.3
None Remote Medium Not required None Partial None
A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs.
10 CVE-2022-24032 668 2022-01-30 2022-02-04
5.0
None Remote Low Not required Partial None None
Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can identify valid usernames on the platform because a failed login attempt produces a different error message when the username is valid.
11 CVE-2022-23993 79 XSS 2022-01-26 2022-04-29
4.3
None Remote Medium Not required None Partial None
/usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.
12 CVE-2022-23990 190 Overflow 2022-01-26 2022-10-31
5.0
None Remote Low Not required None None Partial
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
13 CVE-2022-23979 79 XSS 2022-01-28 2022-02-02
3.5
None Remote Medium ??? None Partial None
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability discovered in Ultimate Reviews WordPress plugin (versions <= 3.0.15).
14 CVE-2022-23968 835 DoS 2022-01-26 2022-02-03
7.8
None Remote Low Not required None None Complete
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as soon as the boot process finishes. However, this boot loop can be resolved by a field technician. The TIFF file must have an incomplete Image Directory. Affected firmware versions include xx.42.01 and xx.50.61. NOTE: the 2022-01-24 NeoSmart article included "believed to affect all previous and later versions as of the date of this posting" but a 2022-01-26 vendor statement reports "the latest versions of firmware are not vulnerable to this issue."
15 CVE-2022-23967 787 Exec Code Overflow 2022-01-26 2022-02-02
7.5
None Remote Low Not required Partial Partial Partial
In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbproto.c (for the vncviewer component). There is no check on the size given to malloc, e.g., -1 is accepted. This allocates a chunk of size zero, which will give a heap pointer. However, one can send 0xffffffff bytes of data, which can have a DoS impact or lead to remote code execution.
16 CVE-2022-23959 444 2022-01-26 2022-08-02
6.4
None Remote Low Not required Partial Partial None
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
17 CVE-2022-23945 306 2022-01-25 2022-02-01
5.0
None Remote Low Not required None Partial None
Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
18 CVE-2022-23944 306 2022-01-25 2022-02-01
6.4
None Remote Low Not required Partial Partial None
User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
19 CVE-2022-23935 77 2022-01-25 2022-05-19
7.6
None Remote High Not required Complete Complete Complete
lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection.
20 CVE-2022-23889 674 2022-01-28 2022-02-03
5.0
None Remote Low Not required None Partial None
The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually large number of comments.
21 CVE-2022-23888 352 CSRF 2022-01-28 2022-02-02
6.8
None Remote Medium Not required Partial Partial Partial
YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /yzmcms/comment/index/init.html.
22 CVE-2022-23887 352 CSRF 2022-01-28 2022-02-02
4.3
None Remote Medium Not required None Partial None
YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete user accounts via /admin/admin_manage/delete.
23 CVE-2022-23872 79 XSS 2022-01-31 2022-09-30
3.5
None Remote Medium ??? None Partial None
Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /admin/configure.php via the parameter footer_info.
24 CVE-2022-23863 269 2022-01-28 2022-02-02
4.0
None Remote Low ??? None Partial None
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any user's login password.
25 CVE-2022-23858 2022-01-24 2022-09-01
9.0
None Remote Low ??? Complete Complete Complete
A flaw was found in the REST API. An improperly handled REST API call could allow any logged user to elevate privileges up to the system account. This affects StarWind Command Center build 6003 v2.
26 CVE-2022-23857 89 Sql 2022-01-24 2022-01-27
4.0
None Remote Low ??? Partial None None
model/criteria/criteria.go in Navidrome before 0.47.5 is vulnerable to SQL injection attacks when processing crafted Smart Playlists. An authenticated user could abuse this to extract arbitrary data from the database, including the user table (which contains sensitive information such as the users' encrypted passwords).
27 CVE-2022-23856 668 2022-01-24 2022-01-28
5.0
None Remote Low Not required Partial None None
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.
28 CVE-2022-23855 287 Bypass 2022-01-24 2022-01-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account.
29 CVE-2022-23852 190 Overflow 2022-01-24 2022-10-29
7.5
None Remote Low Not required Partial Partial Partial
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
30 CVE-2022-23850 787 Overflow 2022-01-23 2022-06-26
6.8
None Remote Medium Not required Partial Partial Partial
xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based buffer overflow via a crafted EPUB document.
31 CVE-2022-23837 770 2022-01-21 2022-04-25
5.0
None Remote Low Not required None None Partial
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.
32 CVE-2022-23808 79 XSS 2022-01-22 2022-01-31
4.3
None Remote Medium Not required None Partial None
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
33 CVE-2022-23807 287 Bypass 2022-01-22 2022-01-27
4.0
None Remote Low ??? None Partial None
An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.
34 CVE-2022-23728 2022-01-21 2022-07-11
6.6
None Local Low Not required None Complete Complete
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.
35 CVE-2022-23727 269 2022-01-28 2022-02-03
4.6
None Local Low Not required Partial Partial Partial
There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, a local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege.
36 CVE-2022-23599 79 XSS 2022-01-28 2022-02-04
2.6
None Remote High Not required None Partial None
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the image_view_fullscreen page in a cache, for example in Varnish. The technique is known as cache poisoning. Any later visitor can get redirected when clicking on a link on this page. Usually only anonymous users are affected, but this depends on the user's cache settings. Version 3.0.6 of Products.ATContentTypes has been released with a fix. This version works on Plone 5.2, Python 2 only. As a workaround, make sure the image_view_fullscreen page is not stored in the cache. More information about the vulnerability and mitigation measures is available in the GitHub Security Advisory.
37 CVE-2022-23598 79 XSS 2022-01-28 2022-03-25
4.3
None Remote Medium Not required None Partial None
laminas-form is a package for validating and displaying simple and complex forms. When rendering validation error messages via the `formElementErrors()` view helper shipped with laminas-form, many messages will contain the submitted value. However, in laminas-form prior to version 3.1.1, the value was not being escaped for HTML contexts, which could potentially lead to a reflected cross-site scripting attack. Versions 3.1.1 and above contain a patch to mitigate the vulnerability. A workaround is available. One may manually place code at the top of a view script where one calls the `formElementErrors()` view helper. More information about this workaround is available on the GitHub Security Advisory.
38 CVE-2022-23456 2022-01-28 2022-02-03
2.1
None Local Low Not required None Partial None
Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software.
39 CVE-2022-23437 91 2022-01-24 2022-10-28
7.1
None Remote Medium Not required None None Complete
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for a prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
40 CVE-2022-23435 DoS 2022-01-19 2022-01-25
5.0
None Remote Low Not required None None Partial
decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service.
41 CVE-2022-23409 22 Dir. Trav. 2022-01-31 2022-02-04
4.0
None Remote Low ??? Partial None None
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php.
42 CVE-2022-23408 330 2022-01-18 2022-01-27
6.4
None Remote Low Not required Partial Partial None
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c.
43 CVE-2022-23366 89 Sql 2022-01-21 2022-02-28
7.5
None Remote Low Not required Partial Partial Partial
HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php.
44 CVE-2022-23365 89 Sql 2022-01-21 2022-01-27
7.5
None Remote Low Not required Partial Partial Partial
HMS v1.0 was discovered to contain a SQL injection vulnerability via doctorlogin.php.
45 CVE-2022-23364 89 Sql 2022-01-21 2022-01-27
7.5
None Remote Low Not required Partial Partial Partial
HMS v1.0 was discovered to contain a SQL injection vulnerability via adminlogin.php.
46 CVE-2022-23363 89 Sql 2022-01-21 2022-01-27
7.5
None Remote Low Not required Partial Partial Partial
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via index.php.
47 CVE-2022-23315 434 2022-01-21 2022-01-26
7.5
None Remote Low Not required Partial Partial Partial
MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnerability via the component /ms/template/writeFileContent.do.
48 CVE-2022-23314 89 Sql 2022-01-21 2022-01-26
7.5
None Remote Low Not required Partial Partial Partial
MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do.
49 CVE-2022-23307 502 2022-01-18 2022-07-25
9.0
None Remote Low ??? Complete Complete Complete
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
50 CVE-2022-23305 89 Sql 2022-01-18 2022-07-25
6.8
None Remote Medium Not required Partial Partial Partial
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
Total number of vulnerabilities: 2034 (page 1 of 41)