CVE-2022-3592
- EPSS 2.43%
- Veröffentlicht 12.01.2023 15:15:10
- Zuletzt bearbeitet 08.04.2025 16:15:23
A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via...
CVE-2022-47927
- EPSS 0.27%
- Veröffentlicht 12.01.2023 06:15:08
- Zuletzt bearbeitet 08.04.2025 16:15:24
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., w...
CVE-2023-22945
- EPSS 0.52%
- Veröffentlicht 11.01.2023 01:15:10
- Zuletzt bearbeitet 07.04.2025 19:15:51
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
CVE-2022-4379
- EPSS 6.35%
- Veröffentlicht 10.01.2023 22:15:14
- Zuletzt bearbeitet 08.04.2025 19:15:46
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
CVE-2023-21538
- EPSS 2.74%
- Veröffentlicht 10.01.2023 22:15:14
- Zuletzt bearbeitet 21.11.2024 07:43:02
.NET Denial of Service Vulnerability
CVE-2023-22909
- EPSS 0.87%
- Veröffentlicht 10.01.2023 08:15:10
- Zuletzt bearbeitet 07.04.2025 19:15:51
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. SpecialMobileHistory allows remote attackers to cause a denial of service because database queries are slow.
CVE-2023-22911
- EPSS 0.57%
- Veröffentlicht 10.01.2023 08:15:10
- Zuletzt bearbeitet 07.04.2025 19:15:51
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. E-Widgets does widget replacement in HTML attributes, which can lead to XSS, because widget authors often do not expect that their widg...
CVE-2023-0049
- EPSS 0.47%
- Veröffentlicht 04.01.2023 16:15:09
- Zuletzt bearbeitet 17.01.2025 20:15:26
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVE-2022-46175
- EPSS 9.3%
- Veröffentlicht 24.12.2022 04:15:08
- Zuletzt bearbeitet 21.11.2024 07:30:15
JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of key...
CVE-2022-43551
- EPSS 16.54%
- Veröffentlicht 23.12.2022 15:15:15
- Zuletzt bearbeitet 13.02.2026 20:16:13
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the U...