CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20771 – ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20771
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional informa... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20770 – ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20770
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information ... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27470 – Gentoo Linux Security Advisory 202407-02
https://notcve.org/view.php?id=CVE-2022-27470
04 May 2022 — SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file. Se ha detectado que SDL_ttf versiones v2.0.18 y anteriores, contienen una escritura arbitraria en memoria por medio de la función TTF_RenderText_Solid(). Esta vulnerabilidad es desencadenada por medio de un archivo TTF diseñado A vulnerability has been discovered in SDL_ttf, which can lead to arbitrary memory writes. Versions greater t... • https://github.com/libsdl-org/SDL_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448 • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 28EXPL: 4CVE-2022-29824 – libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-29824
03 May 2022 — In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. En libxml2 versiones anteriores a 2.9.14, varias funciones de manejo de búferes en buf.c (xmlBuf*) y tree.c (xmlBuffer*) no comprueban los desbor... • https://packetstorm.news/files/id/167345 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2022-29968 – Ubuntu Security Notice USN-5471-1
https://notcve.org/view.php?id=CVE-2022-29968
02 May 2022 — An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. Se ha detectado un problema en el kernel de Linux versiones hasta 5.17.5. La función io_rw_init_file en el archivo fs/io_uring.c carece de la inicialización de kiocb-)private It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot res... • https://github.com/jprx/CVE-2022-29968 • CWE-909: Missing Initialization of Resource •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2022-0984
https://notcve.org/view.php?id=CVE-2022-0984
29 Apr 2022 — Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. Los usuarios con capacidad para configurar los criterios de las insignias (profesores y administradores por defecto) podían configurar las insignias del curso con los criterios del campo de perfil, que sólo deberían estar disponibles para las insignias del sitio • https://bugzilla.redhat.com/show_bug.cgi?id=2064118 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 32%CPEs: 20EXPL: 3CVE-2022-1227 – psgo: Privilege escalation in 'podman top'
https://notcve.org/view.php?id=CVE-2022-1227
29 Apr 2022 — A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. Se ha encontrado un fallo de escalada de privilegios en Podman. • https://github.com/iridium-soda/CVE-2022-1227_Exploit • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2022-29869 – Gentoo Linux Security Advisory 202311-05
https://notcve.org/view.php?id=CVE-2022-29869
28 Apr 2022 — cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. cifs-utils versiones hasta 6.14, con registro detallado, puede causar un filtrado de información cuando un archivo contiene caracteres = (signo de igualdad) pero no es un archivo de credenciales válido Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use th... • https://github.com/piastry/cifs-utils/commit/8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2022-24736 – A Malformed Lua script can crash Redis
https://notcve.org/view.php?id=CVE-2022-24736
27 Apr 2022 — Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules. Redis... • https://github.com/redis/redis/pull/10651 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 1%CPEs: 12EXPL: 1CVE-2022-24735 – Lua scripts can be manipulated to overcome ACL rules in Redis
https://notcve.org/view.php?id=CVE-2022-24735
27 Apr 2022 — Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weakne... • https://github.com/redis/redis/pull/10651 • CWE-94: Improper Control of Generation of Code ('Code Injection') •