CVE-2022-21166
- EPSS 5.9%
- Veröffentlicht 15.06.2022 21:15:09
- Zuletzt bearbeitet 05.05.2025 17:17:41
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21123
- EPSS 6.16%
- Veröffentlicht 15.06.2022 20:15:17
- Zuletzt bearbeitet 05.05.2025 17:17:37
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21125
- EPSS 6.45%
- Veröffentlicht 15.06.2022 20:15:17
- Zuletzt bearbeitet 05.05.2025 17:17:37
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21127
- EPSS 5.47%
- Veröffentlicht 15.06.2022 20:15:17
- Zuletzt bearbeitet 05.05.2025 17:17:37
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-32278
- EPSS 1.51%
- Veröffentlicht 13.06.2022 22:15:08
- Zuletzt bearbeitet 21.11.2024 07:06:05
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
CVE-2022-31042
- EPSS 1.82%
- Veröffentlicht 10.06.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 07:03:46
Guzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, or on ...
CVE-2022-31043
- EPSS 1.82%
- Veröffentlicht 10.06.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 07:03:46
Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we ...
CVE-2022-21499
- EPSS 0.61%
- Veröffentlicht 09.06.2022 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:44:50
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is...
CVE-2022-26364
- EPSS 0.49%
- Veröffentlicht 09.06.2022 17:15:09
- Zuletzt bearbeitet 21.11.2024 06:53:50
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a reg...
CVE-2022-26362
- EPSS 0.38%
- Veröffentlicht 09.06.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:53:49
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable...