CVE-2022-30699
- EPSS 0.87%
- Veröffentlicht 01.08.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 07:03:11
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation ...
CVE-2022-2509
- EPSS 1.49%
- Veröffentlicht 01.08.2022 14:15:09
- Zuletzt bearbeitet 02.12.2025 21:15:49
A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.
CVE-2022-34526
- EPSS 1.39%
- Veröffentlicht 29.07.2022 23:15:08
- Zuletzt bearbeitet 21.11.2024 07:09:42
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
- EPSS 2.18%
- Veröffentlicht 28.07.2022 21:15:08
- Zuletzt bearbeitet 29.05.2026 20:16:21
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break ou...
CVE-2022-2553
- EPSS 0.92%
- Veröffentlicht 28.07.2022 15:15:07
- Zuletzt bearbeitet 21.11.2024 07:01:14
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes...
CVE-2022-2163
- EPSS 0.66%
- Veröffentlicht 28.07.2022 02:15:07
- Zuletzt bearbeitet 21.11.2024 07:00:27
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
CVE-2022-2294
- EPSS 70.46%
- Veröffentlicht 28.07.2022 02:15:07
- Zuletzt bearbeitet 24.10.2025 14:09:38
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2295
- EPSS 1.24%
- Veröffentlicht 28.07.2022 02:15:07
- Zuletzt bearbeitet 21.11.2024 07:00:42
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2296
- EPSS 0.94%
- Veröffentlicht 28.07.2022 02:15:07
- Zuletzt bearbeitet 21.11.2024 07:00:42
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.
CVE-2022-2162
- EPSS 1.07%
- Veröffentlicht 28.07.2022 01:15:17
- Zuletzt bearbeitet 21.11.2024 07:00:27
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page.