CVE-2022-3303
- EPSS 0.3%
- Veröffentlicht 27.09.2022 23:15:15
- Zuletzt bearbeitet 21.05.2025 16:15:28
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use t...
CVE-2022-3324
- EPSS 0.5%
- Veröffentlicht 27.09.2022 23:15:15
- Zuletzt bearbeitet 03.11.2025 21:15:54
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
CVE-2022-3201
- EPSS 0.61%
- Veröffentlicht 26.09.2022 16:15:13
- Zuletzt bearbeitet 21.11.2024 07:19:02
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromiu...
CVE-2022-21797
- EPSS 1.98%
- Veröffentlicht 26.09.2022 05:15:10
- Zuletzt bearbeitet 21.11.2024 06:45:27
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
CVE-2022-40188
- EPSS 1.52%
- Veröffentlicht 23.09.2022 16:15:11
- Zuletzt bearbeitet 27.05.2025 15:15:28
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
CVE-2022-35252
- EPSS 1.84%
- Veröffentlicht 23.09.2022 14:15:12
- Zuletzt bearbeitet 05.05.2025 17:18:16
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service...
CVE-2022-1941
- EPSS 1.19%
- Veröffentlicht 22.09.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:41:47
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and ...
CVE-2022-38398
- EPSS 2.02%
- Veröffentlicht 22.09.2022 15:15:09
- Zuletzt bearbeitet 03.11.2025 20:15:56
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-38648
- EPSS 1.95%
- Veröffentlicht 22.09.2022 15:15:09
- Zuletzt bearbeitet 03.11.2025 20:15:56
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-40146
- EPSS 5.79%
- Veröffentlicht 22.09.2022 15:15:09
- Zuletzt bearbeitet 03.11.2025 20:15:57
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.