CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 2CVE-2022-37032 – frr: out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service
https://notcve.org/view.php?id=CVE-2022-37032
12 Sep 2022 — An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. Una lectura fuera de límites en el demonio BGP de FRRouting FRR versiones anteriores a 8.4, puede conllevar a un fallo de segmentación y una denegación de servicio. Esto ocurre en la función bgp_capability_msg_parse en el archivo bgpd/bgp_packet.c A vulnerability was found in FRRouting. This issue occurs in bgp_capability_ms... • https://github.com/spwpun/CVE-2022-37032 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-37797 – Debian Security Advisory 5243-1
https://notcve.org/view.php?id=CVE-2022-37797
12 Sep 2022 — In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition. En lighttpd 1.4.65, la función mod_wstunnel no inicializa un puntero de función de manejador si es recibida una petición HTTP no válida (websocket handshake). Esto conlleva a una desreferencia de puntero null que hace que el ser... • https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-36280 – There is an out-of-bounds write vulnerability in vmwgfx driver
https://notcve.org/view.php?id=CVE-2022-36280
09 Sep 2022 — An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). Se ha encontrado una vulnerabilidad de acceso a memoria fuera de límites (OOB) en el controlador vmwgfx en el archivo drivers/gpu/vmxgfx/vmxgfx_kms.c en el componente GPU en el kernel de Linux... • https://bugzilla.openanolis.cn/show_bug.cgi?id=2071 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38266 – Gentoo Linux Security Advisory 202312-01
https://notcve.org/view.php?id=CVE-2022-38266
09 Sep 2022 — An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file. Un problema en la biblioteca enlazada Leptonica (v1.79.0) permite a los atacantes provocar una excepción aritmética que conduce a una denegación de servicio (DoS) a través de un archivo JPEG manipulado Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution. Versions greater than or equal to ... • https://github.com/DanBloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-2905 – Ubuntu Security Notice USN-5729-1
https://notcve.org/view.php?id=CVE-2022-2905
09 Sep 2022 — An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. Se ha encontrado un fallo de lectura de memoria fuera de límites en el subsistema BPF del kernel de Linux en la forma en que un usuario llama a la función bpf_tail_call con una clave mayor que el max_entries del mapa. Este fallo permite a un usuario local conseguir a... • https://bugzilla.redhat.com/show_bug.cgi?id=2121800 • CWE-125: Out-of-bounds Read •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40307 – Ubuntu Security Notice USN-5791-3
https://notcve.org/view.php?id=CVE-2022-40307
09 Sep 2022 — An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. Se ha detectado un problema en el kernel de Linux versiones hasta 5.19.8. El archivo drivers/firmware/efi/capsule-loader.c presenta una condición de carrera con un uso de memoria previamente liberada resultante It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. ... • https://github.com/torvalds/linux/commit/9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3169 – Ubuntu Security Notice USN-5939-1
https://notcve.org/view.php?id=CVE-2022-3169
09 Sep 2022 — A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. Se ha encontrado un fallo en el kernel de Linux. Puede producirse un fallo de denegación de servicio si se presenta una petición consecutiva del NVME_IOCTL_RESET y del NVME_IOCTL_SUBSYS_RESET mediante el archivo de dispositivo del controlador, resultando en una desconexión... • https://bugzilla.kernel.org/show_bug.cgi?id=214771 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2022-40023 – python-mako: REDoS in Lexer class
https://notcve.org/view.php?id=CVE-2022-40023
07 Sep 2022 — Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. Sqlalchemy mako versiones anteriores a 1.2.2, es vulnerable a una Denegación de Servicio de expresiones Regulares cuando es usada la clase Lexer para analizar. Esto también afecta a babelplugin y linguaplugin A vulnerability was found in the mako package. Affected versions of this package are vulnerable to Regular expression denial of service... • https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-3134 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-3134
06 Sep 2022 — Use After Free in GitHub repository vim/vim prior to 9.0.0389. Un Uso de Memoria Previamente Liberada en el repositorio GitHub vim/vim versiones anteriores a 9.0.0389 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Vim did not properly perform bounds checks in the diff mode... • https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e • CWE-416: Use After Free •
CVSS: 10.0EPSS: 7%CPEs: 2EXPL: 2CVE-2022-3008 – Command Injection on tinygltf
https://notcve.org/view.php?id=CVE-2022-3008
05 Sep 2022 — The tinygltf library uses the C library function wordexp() to perform file path expansion on untrusted paths that are provided from the input file. This function allows for command injection by using backticks. An attacker could craft an untrusted path input that would result in a path expansion. We recommend upgrading to 2.6.0 or past commit 52ff00a38447f06a17eab1caa2cf0730a119c751 La biblioteca tinygltf usa la función de la biblioteca C wordexp() para llevar a cabo una expansión de la ruta del archivo en ... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49053 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •