CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2022-24884 – Trivial signature forgery in ecdsautils
https://notcve.org/view.php?id=CVE-2022-24884
05 May 2022 — ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and th... • https://github.com/freifunk-gluon/ecdsautils/commit/1d4b091abdf15ad7b2312535b5b95ad70f6dbd08 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-1516 – Ubuntu Security Notice USN-6014-1
https://notcve.org/view.php?id=CVE-2022-1516
05 May 2022 — A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. Se ha encontrado un fallo de desreferencia de puntero NULL en la funcionalidad del conjunto de protocolos de red estandarizados X.25 del kernel de Linux en la forma en que un usuario termina su sesión usando una tarjeta Ether... • http://www.openwall.com/lists/oss-security/2022/06/19/1 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0CVE-2022-24903 – Buffer overflow in TCP syslog server (receiver) components in rsyslog
https://notcve.org/view.php?id=CVE-2022-24903
05 May 2022 — Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. • https://github.com/rsyslog/rsyslog/commit/f211042ecbb472f9d8beb4678a65d272b6f07705 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 9.8EPSS: 13%CPEs: 17EXPL: 1CVE-2022-29155 – Ubuntu Security Notice USN-5424-2
https://notcve.org/view.php?id=CVE-2022-29155
04 May 2022 — In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping. En OpenLDAP versiones 2.x anteriores a 2.5.12 y versiones 2.6.x anteriores a 2.6.2, se presenta una vulnerabilidad de inyección SQL en el backend experimental back-sql de slapd, por medio de una sentencia SQL dentr... • https://bugs.openldap.org/show_bug.cgi?id=9815 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2022-20796 – ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20796
04 May 2022 — On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. El 4 de mayo de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 ... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-20785 – ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20785
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20771 – ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20771
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional informa... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20770 – ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20770
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information ... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-399: Resource Management Errors •
CVSS: 7.4EPSS: 0%CPEs: 28EXPL: 4CVE-2022-29824 – libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-29824
03 May 2022 — In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. En libxml2 versiones anteriores a 2.9.14, varias funciones de manejo de búferes en buf.c (xmlBuf*) y tree.c (xmlBuffer*) no comprueban los desbor... • https://packetstorm.news/files/id/167345 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 76%CPEs: 59EXPL: 5CVE-2022-1292 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-1292
03 May 2022 — The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). • https://github.com/alcaparra/CVE-2022-1292 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •