CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-45939 – emacs: ctags local command execution vulnerability
https://notcve.org/view.php?id=CVE-2022-45939
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input. GNU Emacs hasta la versión 28.2 permite a los atacantes ejecutar comandos a través de metacaracteres de shell en el nombre de un archivo de código fuente, porque lib-src/etags.c utiliza la función de librería C del sistema en su implementación del programa ctags. Por ejemplo, una víctima puede utilizar el comando "ctags *" (sugerido en la documentación de ctags) en una situación en la que el directorio de trabajo actual tiene contenidos que dependen de entradas que no son de confianza. A flaw was found in Etags, the Ctags implementation of Emacs. • https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51 https://lists.debian.org/debian-lts-announce/2022/12/msg00046.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOSK3J7BBAEI4IITW2DRUKLQYUZYKH6Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GOXIH2FDEQJEAARE52C3GHTLGQFBYPIB https://www.debian.org/security/2023/dsa-5314 https://access.redhat.com/security/cve/CVE-2022-45939 https://bugzill • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-45152
https://notcve.org/view.php?id=CVE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems. This vulnerability allows a remote attacker to perform SSRF attacks. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920 https://bugzilla.redhat.com/show_bug.cgi?id=2142775 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB https://moodle.org/mod/foru • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-4141 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-4141
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. Desbordamiento de búfer basado en vim/vim 9.0.0946 y versiones anteriores al permitir que un atacante presione CTRL-W gf en la expresión utilizada en el RHS del comando sustituto. • https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5 https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AZ3JMSUCR6Y7626RDWQ2HNSUFIQOJ33G https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6ZNKVN4GICORTVFKVCM4MSOXCYWNHUC https://security.gentoo.org/glsa/202305-16 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-39346 – Missing length validation of user displayname in nextcloud server
https://notcve.org/view.php?id=CVE-2022-39346
Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Server is upgraded to 22.2.10, 23.0.7 or 24.0.3. There are no known workarounds for this issue. El servidor Nextcloud es un servidor en la nube personal de código abierto. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6w9f-jgjx-4vj6 https://github.com/nextcloud/server/pull/33052 https://hackerone.com/reports/1588562 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TARDPRPBTI5TJRBYRVVQGTL6KWRCV5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R32L3P53AQKQQC652LA5U3AWFTZKPDK3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRAER4DCCHHSUDFHQ6LTIH4JEJFF73IU • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 2%CPEs: 5EXPL: 0CVE-2022-3437
https://notcve.org/view.php?id=CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Se encontró una vulnerabilidad de desbordamiento de búfer en Samba dentro de las rutinas GSSAPI unwrap_des() y unwrap_des3() de Heimdal. Las rutinas de descifrado DES y Triple-DES de la biblioteca GSSAPI de Heimdal permiten un desbordamiento del búfer de escritura de longitud limitada en la memoria asignada a malloc() cuando se presenta un paquete maliciosamente pequeño. • http://www.openwall.com/lists/oss-security/2023/02/08/1 https://access.redhat.com/security/cve/CVE-2022-3437 https://bugzilla.redhat.com/show_bug.cgi?id=2137774 https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html https://security.gentoo.org/glsa/202309-06 https://security.gentoo.org/glsa/202310-06 https://security.netapp.com/advisory/ntap-20230216-0008 https://www.samba.org/samba/security/CVE-2022-3437.html • CWE-122: Heap-based Buffer Overflow •