Total
8120 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33981 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-04 | 2.1 LOW | 3.3 LOW |
| drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. | |||||
| CVE-2022-31003 | 2 Debian, Signalwire | 2 Debian Linux, Sofia-sip | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue. | |||||
| CVE-2022-2000 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-28202 | 3 Debian, Fedoraproject, Mediawiki | 3 Debian Linux, Fedora, Mediawiki | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete. | |||||
| CVE-2022-31090 | 2 Debian, Guzzlephp | 2 Debian Linux, Guzzle | 2024-02-04 | 4.0 MEDIUM | 7.7 HIGH |
| Guzzle, an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions when using our Curl handler, it is possible to use the `CURLOPT_HTTPAUTH` option to specify an `Authorization` header. On making a request which responds with a redirect to a URI with a different origin (change in host, scheme or port), if we choose to follow it, we should remove the `CURLOPT_HTTPAUTH` option before continuing, stopping curl from appending the `Authorization` header to the new request. Affected Guzzle 7 users should upgrade to Guzzle 7.4.5 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.8 or 7.4.5. Note that a partial fix was implemented in Guzzle 7.4.2, where a change in host would trigger removal of the curl-added Authorization header, however this earlier fix did not cover change in scheme or change in port. If you do not require or expect redirects to be followed, one should simply disable redirects all together. Alternatively, one can specify to use the Guzzle steam handler backend, rather than curl. | |||||
| CVE-2022-24851 | 2 Debian, Ldap-account-manager | 2 Debian Linux, Ldap Account Manager | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
| LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and hence leads to stored XSS attacks. An authenticated user can store XSS payloads in the profiles, which gets triggered when any other user try to access the edit profile page. The pdf editor tool has an edit pdf profile functionality, the logoFile parameter in it is not properly sanitized and an user can enter relative paths like ../../../../../../../../../../../../../usr/share/icons/hicolor/48x48/apps/gvim.png via tools like burpsuite. Later when a pdf is exported using the edited profile the pdf icon has the image on that path(if image is present). Both issues require an attacker to be able to login to LAM admin interface. The issue is fixed in version 7.9.1. | |||||
| CVE-2020-28627 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() ch->shell_entry_objects(). | |||||
| CVE-2020-28629 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->sprev(). | |||||
| CVE-2022-24713 | 3 Debian, Fedoraproject, Rust-lang | 3 Debian Linux, Fedora, Regex | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes. | |||||
| CVE-2022-0543 | 2 Debian, Redis | 2 Debian Linux, Redis | 2024-02-04 | 10.0 HIGH | 10.0 CRITICAL |
| It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. | |||||
| CVE-2022-0586 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-26491 | 2 Debian, Pidgin | 2 Debian Linux, Pidgin | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attacker to take over control over the XMPP connection and to obtain user credentials and all communication content. This is similar to CVE-2022-24968. | |||||
| CVE-2022-26364 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
| x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe. | |||||
| CVE-2022-26363 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
| x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe. | |||||
| CVE-2021-3752 | 6 Debian, Fedoraproject, Linux and 3 more | 27 Debian Linux, Fedora, Linux Kernel and 24 more | 2024-02-04 | 7.9 HIGH | 7.1 HIGH |
| A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2022-23308 | 6 Apple, Debian, Fedoraproject and 3 more | 44 Ipados, Iphone Os, Mac Os X and 41 more | 2024-02-04 | 4.3 MEDIUM | 7.5 HIGH |
| valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | |||||
| CVE-2022-24070 | 2 Apache, Debian | 2 Subversion, Debian Linux | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. | |||||
| CVE-2022-25647 | 4 Debian, Google, Netapp and 1 more | 6 Debian Linux, Gson, Active Iq Unified Manager and 3 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | |||||
| CVE-2022-1516 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. | |||||
| CVE-2022-31091 | 2 Debian, Guzzlephp | 2 Debian Linux, Guzzle | 2024-02-04 | 4.0 MEDIUM | 7.7 HIGH |
| Guzzle, an extensible PHP HTTP client. `Authorization` and `Cookie` headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the `Authorization` and `Cookie` headers from the request, before containing. Previously, we would only consider a change in host or scheme. Affected Guzzle 7 users should upgrade to Guzzle 7.4.5 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.8 or 7.4.5. Note that a partial fix was implemented in Guzzle 7.4.2, where a change in host would trigger removal of the curl-added Authorization header, however this earlier fix did not cover change in scheme or change in port. An alternative approach would be to use your own redirect middleware, rather than ours, if you are unable to upgrade. If you do not require or expect redirects to be followed, one should simply disable redirects all together. | |||||