CVE-2022-1420
- EPSS 1.47%
- Veröffentlicht 21.04.2022 11:15:08
- Zuletzt bearbeitet 21.11.2024 06:40:41
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
CVE-2022-29536
- EPSS 1.95%
- Veröffentlicht 20.04.2022 23:15:08
- Zuletzt bearbeitet 21.11.2024 06:59:17
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is...
CVE-2022-28327
- EPSS 4.2%
- Veröffentlicht 20.04.2022 10:15:08
- Zuletzt bearbeitet 21.11.2024 06:57:10
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
CVE-2022-24675
- EPSS 5.42%
- Veröffentlicht 20.04.2022 10:15:07
- Zuletzt bearbeitet 21.11.2024 06:50:50
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
CVE-2022-25648
- EPSS 4.87%
- Veröffentlicht 19.04.2022 17:15:11
- Zuletzt bearbeitet 21.11.2024 06:52:30
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can...
CVE-2022-29153
- EPSS 8.68%
- Veröffentlicht 19.04.2022 16:17:10
- Zuletzt bearbeitet 21.11.2024 06:58:35
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
CVE-2021-42778
- EPSS 2.09%
- Veröffentlicht 18.04.2022 17:15:16
- Zuletzt bearbeitet 03.11.2025 22:15:52
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
CVE-2021-42779
- EPSS 2.05%
- Veröffentlicht 18.04.2022 17:15:16
- Zuletzt bearbeitet 03.11.2025 22:15:52
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
CVE-2021-42780
- EPSS 2.09%
- Veröffentlicht 18.04.2022 17:15:16
- Zuletzt bearbeitet 03.11.2025 22:15:52
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
CVE-2021-42781
- EPSS 2.81%
- Veröffentlicht 18.04.2022 17:15:16
- Zuletzt bearbeitet 03.11.2025 22:15:52
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.