CVE-2022-3204
- EPSS 1.29%
- Veröffentlicht 26.09.2022 14:15:11
- Zuletzt bearbeitet 05.05.2025 16:15:19
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameserv...
CVE-2022-21797
- EPSS 1.98%
- Veröffentlicht 26.09.2022 05:15:10
- Zuletzt bearbeitet 21.11.2024 06:45:27
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
CVE-2022-3297
- EPSS 0.5%
- Veröffentlicht 25.09.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 07:19:14
Use After Free in GitHub repository vim/vim prior to 9.0.0579.
CVE-2022-3296
- EPSS 0.53%
- Veröffentlicht 25.09.2022 17:15:09
- Zuletzt bearbeitet 21.11.2024 07:19:14
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.
CVE-2022-3278
- EPSS 0.82%
- Veröffentlicht 23.09.2022 22:15:09
- Zuletzt bearbeitet 21.11.2024 07:19:12
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
CVE-2022-36944
- EPSS 8.34%
- Veröffentlicht 23.09.2022 18:15:10
- Zuletzt bearbeitet 27.05.2025 15:15:26
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to er...
CVE-2022-40188
- EPSS 1.52%
- Veröffentlicht 23.09.2022 16:15:11
- Zuletzt bearbeitet 27.05.2025 15:15:28
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
CVE-2022-41322
- EPSS 0.48%
- Veröffentlicht 23.09.2022 05:15:08
- Zuletzt bearbeitet 01.06.2025 11:15:19
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup.
CVE-2022-35951
- EPSS 2.9%
- Veröffentlicht 23.09.2022 04:15:11
- Zuletzt bearbeitet 21.11.2024 07:12:02
Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted `COUNT` argument may...
CVE-2022-1941
- EPSS 1.19%
- Veröffentlicht 22.09.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:41:47
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and ...