CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0CVE-2022-24801 – HTTP Request Smuggling in twisted.web
https://notcve.org/view.php?id=CVE-2022-24801
04 Apr 2022 — Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling. Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests ... • https://github.com/twisted/twisted/commit/592217e951363d60e9cd99c5bbfd23d4615043ac • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-1154 – Use after free in utf_ptr2char in vim/vim
https://notcve.org/view.php?id=CVE-2022-1154
30 Mar 2022 — Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. Un uso de memoria previamente liberada en utf_ptr2char en el repositorio de GitHub vim/vim versiones anteriores a 8.2 A heap use-after-free vulnerability was found in Vim's utf_ptr2char() function of the src/mbyte.c file. This flaw occurs because vim is using a buffer line after it has been freed in the old regexp engine. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-aft... • https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5 • CWE-416: Use After Free •
CVSS: 8.0EPSS: 0%CPEs: 26EXPL: 0CVE-2021-4157 – kernel: Buffer overwrite in decode_nfs_fh function
https://notcve.org/view.php?id=CVE-2021-4157
25 Mar 2022 — An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system. Se encontró un fallo de escritura fuera de los límites de la memoria (1 o 2 bytes de memoria) en el subsistema NFS del kernel de Linux en la forma en que los usuarios usan el mirroring (replicación de archivos con ... • https://bugzilla.redhat.com/show_bug.cgi?id=2034342 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 27EXPL: 1CVE-2021-4203 – kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses
https://notcve.org/view.php?id=CVE-2021-4203
25 Mar 2022 — A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. Se ha encontrado un fallo de lectura de uso de memoria previamente liberada en la función sock_getsockopt() en el archivo net/core/sock.c debido a la carrera de SO_PEERCRED y SO_PEERGROUPS con listen() (y connect()) en el kernel de Lin... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2230&can=7&q=modified-after%3Atoday-30&sort=-modified&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve&cells=tiles&redir=1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 3CVE-2022-1011 – kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
https://notcve.org/view.php?id=CVE-2022-1011
18 Mar 2022 — A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. Se ha encontrado un fallo de uso después de libre en el sistema de archivos FUSE del kernel de Linux en la forma en que un usuario activa write(). Este defecto permite a un usuario local obtener acceso no autorizado a los datos del sistema de archivos FUSE, lo que resulta en una... • https://packetstorm.news/files/id/166772 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 65%CPEs: 8EXPL: 0CVE-2022-23943 – mod_sed: Read/write beyond bounds
https://notcve.org/view.php?id=CVE-2022-23943
14 Mar 2022 — Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. Una vulnerabilidad de escritura fuera de límites en mod_sed de Apache HTTP Server permite a un atacante sobrescribir la memoria de la pila con datos posiblemente proporcionados por el atacante. Este problema afecta a Apache HTTP Server 2.4 versiones 2.4.52 y anteriores An out-of-bounds... • http://www.openwall.com/lists/oss-security/2022/03/14/1 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 23%CPEs: 24EXPL: 0CVE-2022-22721 – core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
https://notcve.org/view.php?id=CVE-2022-22721
14 Mar 2022 — If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. Si LimitXMLRequestBody está configurado para permitir cuerpos de petición de más de 350 MB (por defecto 1M) en sistemas de 32 bits, es producido un desbordamiento de enteros que causa posteriormente escrituras fuera de límites. Este problema afecta a Apache HTTP Server 2.4.52 y... • http://seclists.org/fulldisclosure/2022/May/33 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 31%CPEs: 24EXPL: 1CVE-2022-22720 – HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
https://notcve.org/view.php?id=CVE-2022-22720
14 Mar 2022 — Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling Apache HTTP Server versiones 2.4.52 y anteriores, no cierran la conexión entrante cuando son encontrados errores descartando el cuerpo de la petición, exponiendo al servidor al contrabando de peticiones HTTP A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the s... • https://github.com/Benasin/CVE-2022-22720 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 37%CPEs: 24EXPL: 0CVE-2022-22719 – mod_lua Use of uninitialized value of in r:parsebody
https://notcve.org/view.php?id=CVE-2022-22719
14 Mar 2022 — A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. Un cuerpo de petición cuidadosamente diseñado puede causar una lectura en una zona de memoria aleatoria que podría causar al proceso un bloqueo. Este problema afecta al servidor HTTP Apache versiones 2.4.52 y anteriores A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to ... • http://seclists.org/fulldisclosure/2022/May/33 • CWE-665: Improper Initialization CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 0%CPEs: 77EXPL: 2CVE-2020-36518 – jackson-databind: denial of service via a large depth of nested objects
https://notcve.org/view.php?id=CVE-2020-36518
11 Mar 2022 — jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. jackson-databind versiones anteriores a 2.13.0, permite una excepción Java StackOverflow y una denegación de servicio por medio de una gran profundidad de objetos anidados A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects. Red Hat JBoss Enterprise Appli... • https://github.com/ghillert/boot-jackson-cve • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •