CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3599 – libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-3599
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. LibTIFF versión 4.4.0, presenta una lectura fuera de límites en writeSingleSection en el archivo tools/tiffcrop.c:7345, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desd... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3621 – Linux Kernel nilfs2 inode.c nilfs_bmap_lookup_at_level null pointer dereference
https://notcve.org/view.php?id=CVE-2022-3621
20 Oct 2022 — A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=21a87d88c2253350e115029f14fe2a10a7e6c856 • CWE-404: Improper Resource Shutdown or Release CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3623 – Linux Kernel BPF gup.c follow_page_pte race condition
https://notcve.org/view.php?id=CVE-2022-3623
20 Oct 2022 — A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f • CWE-123: Write-what-where Condition CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2022-41742 – NGINX ngx_http_mp4_module vulnerability CVE-2022-41742
https://notcve.org/view.php?id=CVE-2022-41742
19 Oct 2022 — NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used i... • https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 2CVE-2022-41741 – NGINX ngx_http_mp4_module vulnerability CVE-2022-41741
https://notcve.org/view.php?id=CVE-2022-41741
19 Oct 2022 — NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the co... • https://github.com/dumbbutt0/evilMP4 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3586 – Linux Kernel Net Scheduler Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-3586
19 Oct 2022 — A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. Se ha encontrado un fallo en el código de red del kernel de Linux. Ha sido encontrado un uso de memoria previamente liberada en la forma en que la función sch_sfb enqueue usó el campo cb d... • https://github.com/torvalds/linux/commit/9efd23297cca • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3594 – Linux Kernel BPF r8152.c intr_callback logging of excessive data
https://notcve.org/view.php?id=CVE-2022-3594
18 Oct 2022 — A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93e2be344a7db169b7119de21ac1bf253b8c6907 • CWE-404: Improper Resource Shutdown or Release CWE-779: Logging of Excessive Data •
CVSS: 6.5EPSS: 3%CPEs: 11EXPL: 1CVE-2022-35256 – nodejs: HTTP Request Smuggling due to incorrect parsing of header fields
https://notcve.org/view.php?id=CVE-2022-35256
18 Oct 2022 — The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. El analizador llhttp en el módulo http en Node v18.7.0 no maneja correctamente los campos de encabezado que no terminan con CLRF. Esto puede resultar en tráfico ilegal de solicitudes HTTP. A vulnerability was found in NodeJS due to improper validation of HTTP requests. • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.5EPSS: 2%CPEs: 14EXPL: 2CVE-2022-39253 – Git subject to exposure of sensitive information via local clone of symbolic links
https://notcve.org/view.php?id=CVE-2022-39253
18 Oct 2022 — Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via... • https://github.com/ssst0n3/docker-cve-2022-39253-poc • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2022-39260 – Git vulnerable to Remote Code Execution via Heap overflow in `git shell`
https://notcve.org/view.php?id=CVE-2022-39260
18 Oct 2022 — Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Beca... • http://seclists.org/fulldisclosure/2022/Nov/1 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •