CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-28607 – Gentoo Linux Security Advisory 202305-34
https://notcve.org/view.php?id=CVE-2020-28607
18 Apr 2022 — Se presenta una vulnerabilidad de lectura fuera de límites en el archivo Nef_2/PM_io_parser.h en la función PM_io_parser(PMDEC)::read_face() set_halfedge() Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-28606 – Gentoo Linux Security Advisory 202305-34
https://notcve.org/view.php?id=CVE-2020-28606
18 Apr 2022 — Se presenta una vulnerabilidad de lectura fuera de límites en el archivo Nef_2/PM_io_parser.h en la función PM_io_parser(PMDEC)::read_hedge() e-)set_face() Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-28605 – Gentoo Linux Security Advisory 202305-34
https://notcve.org/view.php?id=CVE-2020-28605
18 Apr 2022 — Se presenta una lectura fuera de límites en el archivo Nef_2/PM_io_parser.h en la función PM_io_parser(PMDEC)::read_hedge() e-)set_vertex() Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-28604 – Gentoo Linux Security Advisory 202305-34
https://notcve.org/view.php?id=CVE-2020-28604
18 Apr 2022 — Se presenta una vulnerabilidad de lectura fuera de límites en el archivo Nef_2/PM_io_parser.h en la función PM_io_parser(PMDEC)::read_hedge() e-)set_next() Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-28603 – Gentoo Linux Security Advisory 202305-34
https://notcve.org/view.php?id=CVE-2020-28603
18 Apr 2022 — Se presenta una vulnerabilidad de lectura fuera de límites en el archivo Nef_2/PM_io_parser.h en la función PM_io_parser(PMDEC)::read_hedge() e-)set_prev() Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-28602 – Gentoo Linux Security Advisory 202305-34
https://notcve.org/view.php?id=CVE-2020-28602
18 Apr 2022 — Se presenta una vulnerabilidad de lectura fuera de límites en el archivo Nef_2/PM_io_parser.h en la función PM_io_parser(PMDEC)::read_vertex() Halfedge_of[] Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 8.1EPSS: 1%CPEs: 12EXPL: 1CVE-2022-24545 – Windows Kerberos Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24545
15 Apr 2022 — Windows Kerberos Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Windows Kerberos On Windows, the buffer for redirected logon context does not protect against spoofing resulting in arbitrary code execution in the LSA leading to local elevation of privilege. • https://packetstorm.news/files/id/167711 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24846 – Unchecked JNDI lookups in GeoWebCache
https://notcve.org/view.php?id=CVE-2022-24846
14 Apr 2022 — The GeoWebCache disk quota mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. • https://github.com/GeoWebCache/geowebcache/security/advisories/GHSA-4v22-v8jp-438r • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1304 – e2fsprogs: out-of-bounds read/write via crafted filesystem
https://notcve.org/view.php?id=CVE-2022-1304
14 Apr 2022 — This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. ... This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. • https://bugzilla.redhat.com/show_bug.cgi?id=2069726 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-21145
https://notcve.org/view.php?id=CVE-2022-21145
14 Apr 2022 — A specially-crafted HTTP request can lead to arbitrary Javascript code injection. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1442 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •