CVSS: 9.8EPSS: 7%CPEs: 7EXPL: 2CVE-2022-25236 – expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-25236
16 Feb 2022 — xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. El archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, permite a atacantes insertar caracteres separadores de espacios de nombres en URIs de espacios de nombres A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns[:prefix]" attribute values made expat send malformed tag names to the XML processor on top o... • https://packetstorm.news/files/id/167238 • CWE-179: Incorrect Behavior Order: Early Validation CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 1CVE-2022-0391 – python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
https://notcve.org/view.php?id=CVE-2022-0391
09 Feb 2022 — A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. • https://bugs.python.org/issue43882 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 87%CPEs: 56EXPL: 170CVE-2021-4034 – Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
https://notcve.org/view.php?id=CVE-2021-4034
26 Jan 2022 — A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfull... • https://packetstorm.news/files/id/166196 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21375
https://notcve.org/view.php?id=CVE-2022-21375
19 Jan 2022 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). • https://www.oracle.com/security-alerts/cpuapr2022.html •
CVSS: 5.3EPSS: 0%CPEs: 27EXPL: 0CVE-2022-21271 – Gentoo Linux Security Advisory 202209-05
https://notcve.org/view.php?id=CVE-2022-21271
19 Jan 2022 — Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause... • https://security.gentoo.org/glsa/202209-05 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2021-4181 – Gentoo Linux Security Advisory 202210-04
https://notcve.org/view.php?id=CVE-2021-4181
30 Dec 2021 — Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file Un bloqueo en Sysdig Event dissector en Wireshark versiones 3.6.0 y 3.4.0 a 3.4.10, permite la denegación de servicio por inyección de paquetes o por un archivo de captura diseñado. Multiple vulnerabilities have been discovered in Wireshark, the worst of which could result in denial of service. Versions less than 3.6.8 are affected. • https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4181.json • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-4183 – Gentoo Linux Security Advisory 202210-04
https://notcve.org/view.php?id=CVE-2021-4183
30 Dec 2021 — Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file Un bloqueo en pcapng file parser en Wireshark versión 3.6.0 permite una denegación de servicio por medio de un archivo de captura diseñado. Multiple vulnerabilities have been discovered in Wireshark, the worst of which could result in denial of service. Versions less than 3.6.8 are affected. • https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4183.json • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2021-4184 – Gentoo Linux Security Advisory 202210-04
https://notcve.org/view.php?id=CVE-2021-4184
30 Dec 2021 — Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file Un bucle infinito en BitTorrent DHT dissector en Wireshark versiones 3.6.0 y 3.4.0 a 3.4.10, permite una denegación de servicio por medio de una inyección de paquetes o de un archivo de captura diseñado. Multiple vulnerabilities have been discovered in Wireshark, the worst of which could result in denial of service. Versions less than 3.6.8 are affected. • https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4184.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2021-4185 – Gentoo Linux Security Advisory 202210-04
https://notcve.org/view.php?id=CVE-2021-4185
30 Dec 2021 — Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file Un Bucle infinito en RTMPT dissector en Wireshark versiones 3.6.0 y 3.4.0 a 3.4.10, permite una denegación de servicio por inyección de paquetes o archivo de captura diseñado. Multiple vulnerabilities have been discovered in Wireshark, the worst of which could result in denial of service. Versions less than 3.6.8 are affected. • https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4185.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-4182 – Gentoo Linux Security Advisory 202210-04
https://notcve.org/view.php?id=CVE-2021-4182
30 Dec 2021 — Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file Un bloqueo en RFC 7468 dissector en Wireshark versiones 3.6.0 y 3.4.0 a 3.4.10, permite una denegación de servicio por inyección de paquetes o por un archivo de captura diseñado. Multiple vulnerabilities have been discovered in Wireshark, the worst of which could result in denial of service. Versions less than 3.6.8 are affected. • https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4182.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •