CVE-2022-44638
- EPSS 1.44%
- Veröffentlicht 03.11.2022 06:15:10
- Zuletzt bearbeitet 02.05.2025 20:15:19
In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
CVE-2022-39379
- EPSS 44.71%
- Veröffentlicht 02.11.2022 13:15:13
- Zuletzt bearbeitet 21.11.2024 07:18:10
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute a...
CVE-2022-42823
- EPSS 1.41%
- Veröffentlicht 01.11.2022 20:15:24
- Zuletzt bearbeitet 21.04.2025 16:15:51
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-42824
- EPSS 0.33%
- Veröffentlicht 01.11.2022 20:15:24
- Zuletzt bearbeitet 21.04.2025 16:15:51
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information.
CVE-2022-42799
- EPSS 1.19%
- Veröffentlicht 01.11.2022 20:15:22
- Zuletzt bearbeitet 05.05.2025 17:18:18
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.
CVE-2022-3786
- EPSS 92.49%
- Veröffentlicht 01.11.2022 18:15:11
- Zuletzt bearbeitet 14.04.2026 10:16:26
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for...
CVE-2022-3602
- EPSS 90.77%
- Veröffentlicht 01.11.2022 18:15:10
- Zuletzt bearbeitet 14.04.2026 10:16:25
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or f...
- EPSS 1.06%
- Veröffentlicht 01.11.2022 17:15:10
- Zuletzt bearbeitet 21.11.2024 07:18:09
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows a...
CVE-2022-42324
- EPSS 0.27%
- Veröffentlicht 01.11.2022 13:15:12
- Zuletzt bearbeitet 21.11.2024 07:24:45
Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but i...
CVE-2022-42325
- EPSS 0.28%
- Veröffentlicht 01.11.2022 13:15:12
- Zuletzt bearbeitet 21.11.2024 07:24:45
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction a...