- EPSS 67.99%
- Veröffentlicht 25.03.2022 19:15:10
- Zuletzt bearbeitet 21.11.2024 06:38:37
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash t...
CVE-2022-0500
- EPSS 0.35%
- Veröffentlicht 25.03.2022 19:15:10
- Zuletzt bearbeitet 21.11.2024 06:38:47
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges...
CVE-2022-0983
- EPSS 0.9%
- Veröffentlicht 25.03.2022 19:15:10
- Zuletzt bearbeitet 21.11.2024 06:39:47
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default.
CVE-2022-0995
- EPSS 6.2%
- Veröffentlicht 25.03.2022 19:15:10
- Zuletzt bearbeitet 21.11.2024 06:39:49
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of ser...
CVE-2021-3933
- EPSS 0.85%
- Veröffentlicht 25.03.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:22:48
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other atta...
CVE-2021-3941
- EPSS 0.29%
- Veröffentlicht 25.03.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:22:49
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A spec...
CVE-2021-4147
- EPSS 0.23%
- Veröffentlicht 25.03.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:37:00
A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.
- EPSS 1.58%
- Veröffentlicht 25.03.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:37:01
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash t...
CVE-2022-0322
- EPSS 0.29%
- Veröffentlicht 25.03.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:38:22
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON i...
CVE-2022-24778
- EPSS 2.68%
- Veröffentlicht 25.03.2022 18:15:22
- Zuletzt bearbeitet 21.11.2024 06:51:04
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function `CheckAuthorization` ...