CVE-2022-24301
- EPSS 0.99%
- Veröffentlicht 02.02.2022 06:15:06
- Zuletzt bearbeitet 21.11.2024 06:50:07
In Minetest before 5.4.0, players can add or subtract items from a different player's inventory.
CVE-2022-0417
- EPSS 1.54%
- Veröffentlicht 01.02.2022 13:15:10
- Zuletzt bearbeitet 03.11.2025 21:15:49
Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.
CVE-2021-43859
- EPSS 7.93%
- Veröffentlicht 01.02.2022 12:15:08
- Zuletzt bearbeitet 03.11.2025 22:15:52
XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resul...
CVE-2022-23607
- EPSS 1.08%
- Veröffentlicht 01.02.2022 11:15:11
- Zuletzt bearbeitet 21.11.2024 06:48:55
treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `treq.post`, etc.) and `treq.client.HTTPClient` constructor accept cookies as a dictionary. Such cookies are not bound to a singl...
CVE-2021-46669
- EPSS 2.4%
- Veröffentlicht 01.02.2022 02:15:07
- Zuletzt bearbeitet 21.11.2024 06:34:34
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
CVE-2021-45079
- EPSS 2.78%
- Veröffentlicht 31.01.2022 08:15:07
- Zuletzt bearbeitet 21.11.2024 06:31:54
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without serv...
CVE-2022-24130
- EPSS 1.69%
- Veröffentlicht 31.01.2022 05:15:08
- Zuletzt bearbeitet 21.11.2024 06:49:52
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.
CVE-2022-0408
- EPSS 1.51%
- Veröffentlicht 30.01.2022 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:38:33
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0413
- EPSS 1.4%
- Veröffentlicht 30.01.2022 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:38:34
Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2021-4160
- EPSS 3.8%
- Veröffentlicht 28.01.2022 22:15:15
- Zuletzt bearbeitet 21.11.2024 06:37:02
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlik...