CVE-2022-30522
- EPSS 90.41%
- Veröffentlicht 09.06.2022 17:15:09
- Zuletzt bearbeitet 21.11.2024 07:02:52
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.
CVE-2022-30556
- EPSS 4.69%
- Veröffentlicht 09.06.2022 17:15:09
- Zuletzt bearbeitet 01.05.2025 15:35:37
Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
CVE-2022-31813
- EPSS 3.14%
- Veröffentlicht 09.06.2022 17:15:09
- Zuletzt bearbeitet 01.05.2025 15:35:29
Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
CVE-2022-26362
- EPSS 0.38%
- Veröffentlicht 09.06.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:53:49
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable...
CVE-2022-26363
- EPSS 0.34%
- Veröffentlicht 09.06.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:53:50
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a reg...
CVE-2022-2000
- EPSS 1.53%
- Veröffentlicht 09.06.2022 16:15:08
- Zuletzt bearbeitet 03.11.2025 21:15:51
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-31214
- EPSS 0.38%
- Veröffentlicht 09.06.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 07:04:08
A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linu...
CVE-2022-1998
- EPSS 0.32%
- Veröffentlicht 09.06.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:41:55
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate th...
CVE-2022-31030
- EPSS 0.38%
- Veröffentlicht 09.06.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 07:03:44
containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can...
CVE-2022-1996
- EPSS 2.74%
- Veröffentlicht 08.06.2022 13:15:07
- Zuletzt bearbeitet 21.11.2024 06:41:54
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.