CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3140 – Macro URL arbitrary script execution
https://notcve.org/view.php?id=CVE-2022-3140
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6. • https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32 https://security.gentoo.org/glsa/202212-04 https://www.debian.org/security/2022/dsa-5252 https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140 https://access.redhat.com/security/cve/CVE-2022-3140 https://bugzilla.redhat.com/show_bug.cgi?id=2134697 • CWE-20: Improper Input Validation CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-33746
https://notcve.org/view.php?id=CVE-2022-33746
P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing. La liberación del pool P2M puede tardar demasiado El pool P2M que respalda la traducción de direcciones de segundo nivel para huéspedes puede tener un tamaño considerable. Por lo tanto, su liberación puede tomar más tiempo de lo que es razonable sin comprobaciones intermedias de preferencia. • http://www.openwall.com/lists/oss-security/2022/10/11/3 http://xenbits.xen.org/xsa/advisory-410.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE https://security.gentoo.org/glsa/202402-07 https:// • CWE-404: Improper Resource Shutdown or Release •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-37616
https://notcve.org/view.php?id=CVE-2022-37616
A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we are in the process of marking this report as invalid"; however, some third parties takes the position that "A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted." Se presenta una vulnerabilidad de contaminación de prototipos en la función copy en el archivo dom.js en el paquete xmldom (publicado como @xmldom/xmldom) versiones anteriores a 0.8.3 para Node.js por medio de la variable p. NOTA: el proveedor afirma que "estamos en proceso de marcar este informe como no válido" • http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf https://dl.acm.org/doi/abs/10.1145/3488932.3497769 https://dl.acm.org/doi/pdf/10.1145/3488932.3497769 https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L1 https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L3 https://github.com/xmldom/xmldom/issues/436 https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826 https://github. • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-33748
https://notcve.org/view.php?id=CVE-2022-33748
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU. Inversión del orden de bloqueo en el manejo de la copia de concesión transitiva Como parte de XSA-226 fue insertada una llamada de limpieza que faltaba en una ruta de manejo de errores. • http://www.openwall.com/lists/oss-security/2022/10/11/2 http://xenbits.xen.org/xsa/advisory-411.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE https://security.gentoo.org/glsa/202402-07 https:// • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3435 – Linux Kernel IPv4 fib_semantics.c fib_nh_match out-of-bounds
https://notcve.org/view.php?id=CVE-2022-3435
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. • https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR https://lore.kernel.org/netdev/20221005181257.8897-1-dsahern%40kernel.org/T/#u https://vuldb.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •