CVE-2021-3669
- EPSS 0.28%
- Veröffentlicht 26.08.2022 16:15:09
- Zuletzt bearbeitet 03.11.2025 22:15:50
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
CVE-2021-3735
- EPSS 0.19%
- Veröffentlicht 26.08.2022 16:15:09
- Zuletzt bearbeitet 28.02.2025 13:15:25
A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest cou...
- EPSS 0.73%
- Veröffentlicht 26.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:22:41
A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant wi...
CVE-2021-3563
- EPSS 1.32%
- Veröffentlicht 26.08.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:51
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to da...
CVE-2022-0135
- EPSS 0.38%
- Veröffentlicht 25.08.2022 18:15:09
- Zuletzt bearbeitet 21.11.2024 06:37:58
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or...
CVE-2022-2255
- EPSS 0.69%
- Veröffentlicht 25.08.2022 18:15:09
- Zuletzt bearbeitet 21.11.2024 07:00:37
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.
CVE-2022-22728
- EPSS 4.71%
- Veröffentlicht 25.08.2022 15:15:08
- Zuletzt bearbeitet 21.11.2024 06:47:20
A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
CVE-2022-32893
- EPSS 9.79%
- Veröffentlicht 24.08.2022 20:15:09
- Zuletzt bearbeitet 23.10.2025 18:02:27
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Appl...
CVE-2022-2978
- EPSS 0.23%
- Veröffentlicht 24.08.2022 16:15:12
- Zuletzt bearbeitet 21.11.2024 07:02:01
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentiall...
CVE-2021-4214
- EPSS 0.51%
- Veröffentlicht 24.08.2022 16:15:10
- Zuletzt bearbeitet 21.11.2024 06:37:10
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.