CVE-2022-39028
- EPSS 1.66%
- Veröffentlicht 30.08.2022 05:15:08
- Zuletzt bearbeitet 21.11.2024 07:17:24
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain avai...
CVE-2022-25857
- EPSS 2.19%
- Veröffentlicht 30.08.2022 05:15:07
- Zuletzt bearbeitet 21.11.2024 06:53:07
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
CVE-2022-38784
- EPSS 0.57%
- Veröffentlicht 30.08.2022 03:15:07
- Zuletzt bearbeitet 21.11.2024 07:17:04
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary c...
CVE-2022-1184
- EPSS 0.28%
- Veröffentlicht 29.08.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 06:40:12
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
CVE-2022-1204
- EPSS 0.39%
- Veröffentlicht 29.08.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 06:40:14
A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.
CVE-2022-2953
- EPSS 0.54%
- Veröffentlicht 29.08.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:01:58
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8.
CVE-2022-0367
- EPSS 0.43%
- Veröffentlicht 29.08.2022 15:15:09
- Zuletzt bearbeitet 03.11.2025 21:15:49
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.
CVE-2022-0718
- EPSS 1.34%
- Veröffentlicht 29.08.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:39:15
A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.
CVE-2022-2787
- EPSS 0.82%
- Veröffentlicht 27.08.2022 12:15:08
- Zuletzt bearbeitet 21.11.2024 07:01:41
Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session.
CVE-2022-0171
- EPSS 0.29%
- Veröffentlicht 26.08.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:38:04
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Vi...