CVSS: 7.6EPSS: 0%CPEs: 13EXPL: 0CVE-2022-1274 – keycloak: HTML injection in execute-actions-email Admin REST API
https://notcve.org/view.php?id=CVE-2022-1274
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users. • https://bugzilla.redhat.com/show_bug.cgi?id=2073157 https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725 https://herolab.usd.de/security-advisories/usd-2021-0033 https://access.redhat.com/security/cve/CVE-2022-1274 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2023-0494 – X.Org Server DeepCopyPointerClasses Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-0494
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DeepCopyPointerClasses function. • https://bugzilla.redhat.com/show_bug.cgi?id=2165995 https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec https://lists.x.org/archives/xorg-announce/2023-February/003320.html https://security.gentoo.org/glsa/202305-30 https://access.redhat.com/security/cve/CVE-2023-0494 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2021-3659 – kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
https://notcve.org/view.php?id=CVE-2021-3659
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo de desreferencia de puntero NULL en el subsistema de red inalámbrica IEEE versión 802.15.4 del kernel de Linux en la forma en que el usuario cierra la conexión LR-WPAN. Este fallo permite a un usuario local bloquear el sistema. • https://access.redhat.com/security/cve/CVE-2021-3659 https://bugzilla.redhat.com/show_bug.cgi?id=1975949 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8 • CWE-252: Unchecked Return Value CWE-476: NULL Pointer Dereference •
CVSS: 6.9EPSS: 0%CPEs: 40EXPL: 0CVE-2021-3696 – grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
https://notcve.org/view.php?id=CVE-2021-3696
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Puede producirse una escritura fuera de límites de la pila durante el manejo de las tablas Huffman en el lector PNG. • https://bugzilla.redhat.com/show_bug.cgi?id=1991686 https://security.gentoo.org/glsa/202209-12 https://security.netapp.com/advisory/ntap-20220930-0001 https://access.redhat.com/security/cve/CVE-2021-3696 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0CVE-2021-3697 – grub2: Crafted JPEG image can lead to buffer underflow write in the heap
https://notcve.org/view.php?id=CVE-2021-3697
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Una imagen JPEG diseñada puede conllevar que el lector de JPEG desborde su puntero de datos, permitiendo que los datos controlados por el usuario sean escritos en la pila. • https://bugzilla.redhat.com/show_bug.cgi?id=1991687 https://security.gentoo.org/glsa/202209-12 https://security.netapp.com/advisory/ntap-20220930-0001 https://access.redhat.com/security/cve/CVE-2021-3697 • CWE-787: Out-of-bounds Write •