CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-2124 – Buffer Over-read in vim/vim
https://notcve.org/view.php?id=CVE-2022-2124
Buffer Over-read in GitHub repository vim/vim prior to 8.2. Una Lectura Excesiva del Búfer en el repositorio GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 http://seclists.org/fulldisclosure/2022/Oct/45 https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42 https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-2126 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-2126
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Una Lectura Fuera de Límites en el repositorio de GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 http://seclists.org/fulldisclosure/2022/Oct/45 https://github.com/vim/vim/commit/156d3911952d73b03d7420dc3540215247db0fe8 https://huntr.dev/bounties/8d196d9b-3d10-41d2-9f70-8ef0d08c946e https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 1CVE-2022-33981
https://notcve.org/view.php?id=CVE-2022-33981
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. El archivo drivers/block/floppy.c en el kernel de Linux versiones anteriores a 5.17.6, es vulnerable a una denegación de servicio, debido a un fallo de uso de concurrencia después de la asignación de raw_cmd en la función raw_cmd_ioctl • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.6 https://exchange.xforce.ibmcloud.com/vulnerabilities/225362 https://github.com/torvalds/linux/commit/233087ca063686964a53c829d547c7571e3f67bf https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://seclists.org/oss-sec/2022/q2/66 https://www.debian.org/security/2022/dsa-5173 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2022-21166 – hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW)
https://notcve.org/view.php?id=CVE-2022-21166
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una limpieza incompleta en operaciones específicas de escritura en registros especiales para algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgación de información por medio de acceso local A flaw was found in hw. Incomplete cleanup in specific special register write operations for some Intel® Processors may allow an authenticated user to enable information disclosure via local access. • http://www.openwall.com/lists/oss-security/2022/06/16/1 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q https://lists.fedoraproject.org/archives& • CWE-459: Incomplete Cleanup •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2022-21125 – hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)
https://notcve.org/view.php?id=CVE-2022-21125
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una limpieza incompleta de los búferes de relleno de la microarquitectura en algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgación de información por medio del acceso local A flaw was found in hw. Incomplete cleanup of microarchitectural fill buffers on some Intel® Processors may allow an authenticated user to enable information disclosure via local access. • http://www.openwall.com/lists/oss-security/2022/06/16/1 http://xenbits.xen.org/xsa/advisory-404.html https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24 • CWE-459: Incomplete Cleanup •