CVE-2022-2938 – kernel: use-after-free when psi trigger is destroyed while being polled
https://notcve.org/view.php?id=CVE-2022-2938
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848 https://security.netapp.com/advisory/ntap-20221223-0002 https://access.redhat.com/security/cve/CVE-2022-2938 https://bugzilla.redhat.com/show_bug.cgi?id=2120175 • CWE-416: Use After Free
CVE-2022-2946 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-2946
Use After Free in GitHub repository vim/vim prior to 9.0.0246. • https://github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5 https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD https://security.gentoo.org/glsa/202305-16 • CWE-416: Use After Free
CVE-2022-2923 – NULL Pointer Dereference in vim/vim
https://notcve.org/view.php?id=CVE-2022-2923
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. • https://github.com/vim/vim/commit/6669de1b235843968e88844ca6d3c8dec4b01a9e https://huntr.dev/bounties/fd3a3ab8-ab0f-452f-afea-8c613e283fd2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD https://security.gentoo.org/glsa/202305-16 • CWE-476: NULL Pointer Dereference
CVE-2022-32893 – Apple iOS and macOS Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2022-32893
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. • http://seclists.org/fulldisclosure/2022/Aug/16 http://seclists.org/fulldisclosure/2022/Oct/49 http://www.openwall.com/lists/oss-security/2022/08/25/5 http://www.openwall.com/lists/oss-security/2022/08/26/2 http://www.openwall.com/lists/oss-security/2022/08/29/1 http://www.openwall.com/lists/oss-security/2022/08/29/2 http://www.openwall.com/lists/oss-security/2022/09/02/10 http://www.openwall.com/lists/oss-security/2022/09/13/1 https://lis • CWE-787: Out-of-bounds Write
CVE-2022-2889 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-2889
Use After Free in GitHub repository vim/vim prior to 9.0.0225. • https://github.com/vim/vim/commit/91c7cbfe31bbef57d5fcf7d76989fc159f73ef15 https://huntr.dev/bounties/d1ac9817-825d-49ce-b514-1d5b12b6bdaa https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD https://security.gentoo.org/glsa/202305-16 • CWE-416: Use After Free