CVE-2022-31780
- EPSS 1.85%
- Veröffentlicht 10.08.2022 06:15:08
- Zuletzt bearbeitet 21.11.2024 07:05:18
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
CVE-2022-37452
- EPSS 2.94%
- Veröffentlicht 07.08.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 07:15:00
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVE-2022-37434
- EPSS 16%
- Veröffentlicht 05.08.2022 07:15:07
- Zuletzt bearbeitet 14.07.2026 12:16:47
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib s...
- EPSS 1.67%
- Veröffentlicht 03.08.2022 19:15:08
- Zuletzt bearbeitet 03.11.2025 22:15:58
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of...
CVE-2022-32292
- EPSS 2.39%
- Veröffentlicht 03.08.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 07:06:07
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
CVE-2022-32293
- EPSS 1.52%
- Veröffentlicht 03.08.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 07:06:07
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
CVE-2022-36359
- EPSS 0.66%
- Veröffentlicht 03.08.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 07:12:51
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filena...
CVE-2022-2598
- EPSS 0.87%
- Veröffentlicht 01.08.2022 15:15:09
- Zuletzt bearbeitet 25.02.2026 15:18:57
Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
CVE-2022-2509
- EPSS 1.49%
- Veröffentlicht 01.08.2022 14:15:09
- Zuletzt bearbeitet 02.12.2025 21:15:49
A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.
CVE-2022-34526
- EPSS 1.39%
- Veröffentlicht 29.07.2022 23:15:08
- Zuletzt bearbeitet 21.11.2024 07:09:42
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.