CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26361 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2022-26361
05 Apr 2022 — Las subsiguientes DMA o interrupciones del dispositivo pueden tener un comportamiento imprevisible, que va desde los fallos de la IOMMU hasta la corrupción de la memoria Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/04/05/3 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26360 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2022-26360
05 Apr 2022 — Las subsiguientes DMA o interrupciones del dispositivo pueden tener un comportamiento imprevisible, que va desde los fallos de la IOMMU hasta la corrupción de la memoria Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/04/05/3 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2022-24795 – Buffer Overflow and Integer Overflow in yajl-ruby
https://notcve.org/view.php?id=CVE-2022-24795
05 Apr 2022 — Maintainers believe exploitation for arbitrary code execution is unlikely. • https://github.com/brianmario/yajl-ruby/blob/7168bd79b888900aa94523301126f968a93eb3a6/ext/yajl/yajl_buf.c#L64 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.2EPSS: 2%CPEs: 1EXPL: 3CVE-2022-26982 – SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-26982
05 Apr 2022 — SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. NOTE: the vendor's position is that administrators are intended to have the ability to modify themes, and can thus choose any PHP code that they wish to have executed on the server. SimpleMachinesForum versiones 2.1.1 y anteriores, permiten a administradores remotos autenticados ejecutar código arbitrario al inse... • https://packetstorm.news/files/id/171486 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-26357 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2022-26357
05 Apr 2022 — La limpieza de las estructuras de mantenimiento de la casa presenta una carrera, lo que permite que los ID de dominio VT-d sean filtrados y que los flushes sean evitados Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/04/05/2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2022-26356 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2022-26356
05 Apr 2022 — Esto es debido a una falta de bloqueo mutuamente excluyente entre ambas operaciones y puede conllevar a que son añadidas entradas en ranuras ya liberadas, dando lugar a una pérdida de memoria Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/04/05/1 • CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26358 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2022-26358
05 Apr 2022 — Las subsiguientes DMA o interrupciones del dispositivo pueden tener un comportamiento impredecible, que va desde fallos IOMMU hasta corrupción de memoria Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/04/05/3 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26359 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2022-26359
05 Apr 2022 — Las subsiguientes DMA o interrupciones del dispositivo pueden tener un comportamiento imprevisible, que va desde los fallos de la IOMMU hasta la corrupción de la memoria Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/04/05/3 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-24191 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-24191
04 Apr 2022 — En HTMLDOC versión 1.9.14, un bucle infinito en la función gif_read_lzw puede conllevar a que un puntero apunte arbitrariamente a la memoria de la pila y resulte en un desbordamiento del búfer Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. • https://github.com/michaelrsweet/htmldoc/issues/470 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1222 – Inf loop in gpac/gpac
https://notcve.org/view.php?id=CVE-2022-1222
04 Apr 2022 — Un bucle de Información en el repositorio de GitHub gpac/gpac versiones anteriores a 2.1.0-DEV Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/commit/7f060bbb72966cae80d6fee338d0b07fa3fc06e1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •