CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 5CVE-2023-24329 – python: urllib.parse url blocklisting bypass
https://notcve.org/view.php?id=CVE-2023-24329
17 Feb 2023 — An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containeri... • https://github.com/JawadPy/CVE-2023-24329-Exploit • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2022-41858 – kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip
https://notcve.org/view.php?id=CVE-2022-41858
17 Jan 2023 — A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. • https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-23559 – Ubuntu Security Notice USN-5924-1
https://notcve.org/view.php?id=CVE-2023-23559
13 Jan 2023 — In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. En rndis_query_oid en drivers/net/wireless/rndis_wlan.c en el kernel de Linux hasta 6.1.5, hay un desbordamiento de enteros en una suma. It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was disc... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-37966 – Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37966
09 Nov 2022 — Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Kerberos RC4-HMAC de Windows Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966 •
CVSS: 8.3EPSS: 1%CPEs: 14EXPL: 0CVE-2022-37967 – Windows Kerberos Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37967
09 Nov 2022 — Windows Kerberos Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Kerberos en Windows Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967 •
CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-38023 – Netlogon RPC Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38023
09 Nov 2022 — Netlogon RPC Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Netlogon RPC A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detec... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 • CWE-328: Use of Weak Hash •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 1CVE-2022-45061 – python: CPU denial of service via inefficient IDNA decoder
https://notcve.org/view.php?id=CVE-2022-45061
09 Nov 2022 — An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostna... • https://github.com/python/cpython/issues/98433 • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 5CVE-2022-43680 – expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
https://notcve.org/view.php?id=CVE-2022-43680
24 Oct 2022 — In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. En libexpat versiones hasta 2.4.9, se presenta un uso de memoria previamente liberada causado por la destrucción excesiva de un DTD compartido en XML_ExternalEntityParserCreate en situaciones fuera de memoria A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-mem... • https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-43680 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 3CVE-2022-41222 – kernel: mm/mremap.c use-after-free vulnerability
https://notcve.org/view.php?id=CVE-2022-41222
21 Sep 2022 — mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. El archivo mm/mremap.c en el kernel de Linux versiones anteriores a 5.13.3, presenta un uso de memoria previamente liberada por medio de un TLB obsoleto porque un bloqueo rmap no es mantenido durante un movimiento PUD A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk a... • https://packetstorm.news/files/id/168466 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-39189 – kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
https://notcve.org/view.php?id=CVE-2022-39189
02 Sep 2022 — An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. Se ha detectado un problema en el subsistema KVM x86 en el kernel de Linux versiones anteriores a 5.18.17. Los usuarios invitados no privilegiados pueden comprometer el kernel invitado porque las operaciones de vaciado del TLB son manejadas inapropiadamente en determinadas situaciones d... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2309 • CWE-416: Use After Free •