CVE-2022-45188
- EPSS 0.59%
- Veröffentlicht 12.11.2022 05:15:12
- Zuletzt bearbeitet 13.02.2026 20:16:14
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVE-2022-45062
- EPSS 1.41%
- Veröffentlicht 09.11.2022 07:15:10
- Zuletzt bearbeitet 01.05.2025 15:15:58
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
CVE-2022-45060
- EPSS 0.94%
- Veröffentlicht 09.11.2022 06:15:09
- Zuletzt bearbeitet 01.05.2025 15:15:58
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request...
CVE-2022-3886
- EPSS 0.61%
- Veröffentlicht 09.11.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 07:20:26
Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3887
- EPSS 0.64%
- Veröffentlicht 09.11.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 07:20:26
Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3888
- EPSS 0.6%
- Veröffentlicht 09.11.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 07:20:26
Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3889
- EPSS 0.62%
- Veröffentlicht 09.11.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 07:20:27
Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3890
- EPSS 0.71%
- Veröffentlicht 09.11.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 07:20:27
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High...
CVE-2022-3885
- EPSS 0.66%
- Veröffentlicht 09.11.2022 04:15:09
- Zuletzt bearbeitet 21.11.2024 07:20:26
Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-39377
- EPSS 1.1%
- Veröffentlicht 08.11.2022 20:15:11
- Zuletzt bearbeitet 03.11.2025 18:15:39
sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insuffic...