CVE-2022-4285
- EPSS 0.44%
- Veröffentlicht 27.01.2023 18:15:15
- Zuletzt bearbeitet 28.03.2025 16:15:25
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
CVE-2022-47021
- EPSS 0.4%
- Veröffentlicht 20.01.2023 19:15:17
- Zuletzt bearbeitet 03.04.2025 16:15:29
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.
CVE-2023-22809
- EPSS 55.37%
- Veröffentlicht 18.01.2023 17:15:10
- Zuletzt bearbeitet 04.04.2025 16:15:16
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to proce...
CVE-2018-14628
- EPSS 1.17%
- Veröffentlicht 17.01.2023 18:15:10
- Zuletzt bearbeitet 22.01.2025 16:10:38
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
- EPSS 1.36%
- Veröffentlicht 17.01.2023 10:15:11
- Zuletzt bearbeitet 04.04.2025 16:15:16
ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46...
CVE-2023-22298
- EPSS 0.91%
- Veröffentlicht 17.01.2023 10:15:11
- Zuletzt bearbeitet 03.04.2025 16:15:31
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
CVE-2023-23589
- EPSS 0.83%
- Veröffentlicht 14.01.2023 01:15:15
- Zuletzt bearbeitet 07.04.2025 19:15:52
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.
CVE-2023-23456
- EPSS 0.39%
- Veröffentlicht 12.01.2023 19:15:24
- Zuletzt bearbeitet 11.04.2025 12:27:55
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.
CVE-2023-23457
- EPSS 0.35%
- Veröffentlicht 12.01.2023 19:15:24
- Zuletzt bearbeitet 11.04.2025 12:27:55
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
CVE-2022-3437
- EPSS 3.69%
- Veröffentlicht 12.01.2023 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:19:30
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow ...