CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-1902 – stackrox: Improper sanitization allows users to retrieve Notifier secrets from GraphQL API in plaintext
https://notcve.org/view.php?id=CVE-2022-1902
A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifiers from the GraphQL API, revealing secrets that can escalate their privileges. Se ha encontrado un fallo en Red Hat Advanced Cluster Security for Kubernetes. Los secretos de los notificadores no estaban apropiadamente saneados en la API GraphQL. • https://access.redhat.com/security/cve/CVE-2022-1902 https://bugzilla.redhat.com/show_bug.cgi?id=2090957 https://github.com/stackrox/stackrox/pull/1803 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1665
https://notcve.org/view.php?id=CVE-2022-1665
A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code. Un conjunto de paquetes del kernel de preproducción de Red Hat Enterprise Linux para la arquitectura IBM Power puede ser arrancado por el grub en modo de arranque seguro aunque no debería. Estas compilaciones del kernel no presentan aplicados los parches de bloqueo de arranque seguro y pueden omitir las comprobaciones de arranque seguro, permitiendo al atacante cargar otro código no confiable • https://bugzilla.redhat.com/show_bug.cgi?id=2089529 • CWE-1291: Public Key Re-Use for Signing both Debug and Production Code •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28737 – There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables
https://notcve.org/view.php?id=CVE-2022-28737
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario. A flaw was found in shim during the handling of EFI executables. A crafted EFI image can lead to an overflow in shim. • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28737 https://www.openwall.com/lists/oss-security/2022/06/07/5 https://access.redhat.com/security/cve/CVE-2022-28737 https://bugzilla.redhat.com/show_bug.cgi?id=2090899 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.9EPSS: 0%CPEs: 40EXPL: 0CVE-2021-3696 – grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
https://notcve.org/view.php?id=CVE-2021-3696
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Puede producirse una escritura fuera de límites de la pila durante el manejo de las tablas Huffman en el lector PNG. • https://bugzilla.redhat.com/show_bug.cgi?id=1991686 https://security.gentoo.org/glsa/202209-12 https://security.netapp.com/advisory/ntap-20220930-0001 https://access.redhat.com/security/cve/CVE-2021-3696 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0CVE-2021-3697 – grub2: Crafted JPEG image can lead to buffer underflow write in the heap
https://notcve.org/view.php?id=CVE-2021-3697
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Una imagen JPEG diseñada puede conllevar que el lector de JPEG desborde su puntero de datos, permitiendo que los datos controlados por el usuario sean escritos en la pila. • https://bugzilla.redhat.com/show_bug.cgi?id=1991687 https://security.gentoo.org/glsa/202209-12 https://security.netapp.com/advisory/ntap-20220930-0001 https://access.redhat.com/security/cve/CVE-2021-3697 • CWE-787: Out-of-bounds Write •