Page 50 of 1536 results (0.009 seconds)

CVSS: 8.8EPSS: 5%CPEs: 8EXPL: 0

CVE-2022-46344 – X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2022-46344

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Se encontró una vulnerabilidad en X.Org. Esta falla de seguridad se produce porque el controlador de la solicitud XIChangeProperty tiene problemas de validación de longitud, lo que genera lecturas de memoria fuera de los límites y una posible divulgación de información. • http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/security/cve/CVE-2022-46344 https://bugzilla.redhat.com/show_bug.cgi?id=2151760 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J36 • CWE-125: Out-of-bounds Read •

CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0

CVE-2022-3916 – Keycloak: session takeover with oidc offline refreshtokens

https://notcve.org/view.php?id=CVE-2022-3916

A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user. Se encontró una falla en el alcance offline_access en Keycloak. Este problema afectaría más a los usuarios de ordenadores compartidos (especialmente si las cookies no se borran), debido a la falta de validación de la sesión root y a la reutilización de los identificadores de sesión en las sesiones de autenticación de usuario y root. • https://access.redhat.com/errata/RHSA-2022:8961 https://access.redhat.com/errata/RHSA-2022:8962 https://access.redhat.com/errata/RHSA-2022:8963 https://access.redhat.com/errata/RHSA-2022:8964 https://access.redhat.com/errata/RHSA-2022:8965 https://access.redhat.com/errata/RHSA-2023:1043 https://access.redhat.com/errata/RHSA-2023:1044 https://access.redhat.com/errata/RHSA-2023:1045 https://access.redhat.com/errata/RHSA-2023:1047 https://access.redhat.com/errata/RHSA • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •

CVSS: 8.6EPSS: 0%CPEs: 12EXPL: 0

CVE-2022-2601 – grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

https://notcve.org/view.php?id=CVE-2022-2601

A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. Se encontró un desbordamiento del búfer en grub_font_construct_glyph(). Una fuente pf2 manipulada maliciosamente puede provocar un desbordamiento al calcular el valor max_glyph_size, asignando un búfer más pequeño de lo necesario para el glifo, lo que además provoca un desbordamiento del búfer y una escritura fuera de los límites basada en el heap. • https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0 https://security.gentoo.org/glsa/202311-14 https://security.netapp.com/advisory/ntap-20230203-0004 https://access.redhat.com/security/cve/CVE-2022-2601 https://bugzilla.redhat.com/show_bug.cgi?id=2112975 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-3500 – keylime: exception handling and impedance match in tornado_requests

https://notcve.org/view.php?id=CVE-2022-3500

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore. Se encontró una vulnerabilidad en keylime. Este problema de seguridad ocurre en algunas circunstancias, debido a algunas excepciones manejadas incorrectamente, existe la posibilidad de que un agente deshonesto pueda crear errores en el verificador que detuviera los intentos de atestación para ese host dejándolo en un estado atestado pero sin verificarlo más. A vulnerability was found in keylime. • https://access.redhat.com/security/cve/CVE-2022-3500 https://github.com/keylime/keylime/pull/1128 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z https://bugzilla.redhat.com/show_bug.cgi?id=2135343 • CWE-248: Uncaught Exception •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2022-3821 – systemd: buffer overrun in format_timespan() function

https://notcve.org/view.php?id=CVE-2022-3821

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. Se descubrió un problema de error de uno en uno en Systemd en la función format_timespan() de time-util.c. Un atacante podría proporcionar valores específicos de tiempo y precisión que provoquen una saturación del búfer en format_timespan(), lo que provocará una Denegación de Servicio (DoS). An off-by-one error flaw was found in systemd in the format_timespan() function of time-util.c. • https://bugzilla.redhat.com/show_bug.cgi?id=2139327 https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e https://github.com/systemd/systemd/issues/23928 https://github.com/systemd/systemd/pull/23933 https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P https://security.gentoo.org/glsa/202305-15 https://access.redhat.com/security/cve/CVE-2022- • CWE-193: Off-by-one Error •