CVE-2022-31001
- EPSS 2.02%
- Veröffentlicht 31.05.2022 20:15:07
- Zuletzt bearbeitet 21.11.2024 07:03:41
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (st...
CVE-2022-31003
- EPSS 3.66%
- Veröffentlicht 31.05.2022 20:15:07
- Zuletzt bearbeitet 21.11.2024 07:03:41
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker c...
CVE-2022-31002
- EPSS 1.8%
- Veröffentlicht 31.05.2022 19:15:07
- Zuletzt bearbeitet 21.11.2024 07:03:41
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`....
CVE-2022-1942
- EPSS 1.56%
- Veröffentlicht 31.05.2022 14:15:07
- Zuletzt bearbeitet 03.11.2025 21:15:51
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-1897
- EPSS 1.47%
- Veröffentlicht 27.05.2022 15:15:07
- Zuletzt bearbeitet 03.11.2025 21:15:50
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-1898
- EPSS 1.41%
- Veröffentlicht 27.05.2022 09:15:08
- Zuletzt bearbeitet 21.11.2024 06:41:42
Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-26691
- EPSS 0.58%
- Veröffentlicht 26.05.2022 18:15:09
- Zuletzt bearbeitet 21.11.2024 06:54:19
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
CVE-2022-21831
- EPSS 2.74%
- Veröffentlicht 26.05.2022 17:15:09
- Zuletzt bearbeitet 21.11.2024 06:45:31
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
CVE-2022-22576
- EPSS 1.91%
- Veröffentlicht 26.05.2022 17:15:09
- Zuletzt bearbeitet 27.05.2026 14:16:35
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for th...
CVE-2022-22577
- EPSS 1.59%
- Veröffentlicht 26.05.2022 17:15:09
- Zuletzt bearbeitet 21.11.2024 06:47:03
An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.