CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-0559 – Use After Free in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-0559
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. Un Uso de Memoria Previamente Liberada en NPM radare2.js versiones anteriores a 5.6.2 • https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e https://huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-0613 – Authorization Bypass Through User-Controlled Key in medialize/uri.js
https://notcve.org/view.php?id=CVE-2022-0613
Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. Una Omisión de Autorización mediante una clave controlada por el usuario en NPM urijs versiones anteriores a 1.19.8 A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch. • https://github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f https://huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXSSATHALUSXXD2KT6UFZAX7EG4GR332 https://access.redhat.com/security/cve/CVE-2022-0613 https://bugzilla.redhat.com/show_bug.cgi?id=2055496 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-25235 – expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. El archivo xmltok_impl.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, carece de determinada comprobación de codificación, como comprueba si un carácter UTF-8 es válido en un determinado contexto A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences (for example, from start tag names) to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/562 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa&# • CWE-116: Improper Encoding or Escaping of Output CWE-838: Inappropriate Encoding for Output Context •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-24048 – MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24048
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220318-0004 https://www.zerodayinitiative.com/advisories/ZDI-22-363 https://access.redh • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-24051 – MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24051
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220318-0004 https://www.zerodayinitiative.com/advisories/ZDI-22-318 https://access.redh • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-134: Use of Externally-Controlled Format String •