CVSS: 5.9EPSS: 1%CPEs: 10EXPL: 0CVE-2022-2127 – Samba: out-of-bounds read in winbind auth_crap
https://notcve.org/view.php?id=CVE-2022-2127
20 Jul 2023 — An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash. It was discovered that Samba incorrectly... • https://access.redhat.com/errata/RHSA-2023:6667 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 10EXPL: 1CVE-2023-2602 – libcap: Memory Leak on pthread_create() Error
https://notcve.org/view.php?id=CVE-2023-2602
06 Jun 2023 — A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts... • https://bugzilla.redhat.com/show_bug.cgi?id=2209114 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-1668 – openvswitch: ip proto 0 triggers incorrect handling
https://notcve.org/view.php?id=CVE-2023-1668
10 Apr 2023 — A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow. An update for redhat-release-virtualization-host and re... • https://bugzilla.redhat.com/show_bug.cgi?id=2137666 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-4283 – X.Org Server XkbCopyNames Double Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-4283
14 Dec 2022 — A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Se encontró una vulnerabilidad en X.Org. Este fallo de seguridad se produce porque la función XkbCopyNames dejó un puntero colgante a ... • https://access.redhat.com/security/cve/CVE-2022-4283 • CWE-416: Use After Free •
CVSS: 9.0EPSS: 1%CPEs: 8EXPL: 0CVE-2022-46340 – X.Org Server XTestFakeInput Type Confusion Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-46340
14 Dec 2022 — A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order. Se encon... • https://access.redhat.com/security/cve/CVE-2022-46340 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 1%CPEs: 8EXPL: 0CVE-2022-46341 – X.Org Server ProcXIPassiveUngrabDevice Improper Validation of Array Index Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-46341
14 Dec 2022 — A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Se encontró una vulnerabilidad en X.Org. Esta falla de seguridad se produce porque el controlador de la solicitud XIPassiveUngrab accede a la memoria fuera de l... • https://access.redhat.com/security/cve/CVE-2022-46341 • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-46342 – X.Org Server XvdiSelectVideoNotify Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-46342
14 Dec 2022 — A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se Se encontró una vulnerabilidad en X.Org. Este fallo de seguridad se produce porque el controlador de la solicitud XvdiSelectVideoNotify puede escribir en la memoria una vez liberada. Este problema puede provocar una elevación de privilegios locales en sistemas donde X se... • https://access.redhat.com/security/cve/CVE-2022-46342 • CWE-416: Use After Free •
CVSS: 9.0EPSS: 1%CPEs: 8EXPL: 0CVE-2022-46343 – X.Org Server ScreenSaverSetAttributes Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-46343
14 Dec 2022 — A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Se encontró una vulnerabilidad en X.Org. Este fallo de seguridad se produce porque el controlador de la solicitud ScreenSaverSetAttributes puede escribir en la memoria una vez liberada.... • https://access.redhat.com/security/cve/CVE-2022-46343 • CWE-416: Use After Free •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-46344 – X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-46344
14 Dec 2022 — A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Se encontró una vulnerabilidad en X.Org. Esta falla de seguridad se produce porque el controlador de la solicitud XIChangeProper... • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 2CVE-2022-2850 – 389-ds-base: SIGSEGV in sync_repl
https://notcve.org/view.php?id=CVE-2022-2850
14 Oct 2022 — A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514. Se ha encontrado un fallo en 389-ds-base. • https://access.redhat.com/security/cve/CVE-2022-2850 • CWE-476: NULL Pointer Dereference •