CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-47318 – ruby-git: code injection vulnerability
https://notcve.org/view.php?id=CVE-2022-47318
ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46648. Las versiones de ruby-git anteriores a v1.13.0 permiten a un atacante remoto autenticado ejecutar un código Ruby arbitrario haciendo que un usuario cargue en el producto un repositorio que contiene un nombre de archivo especialmente manipulado. Esta vulnerabilidad es diferente de CVE-2022-46648. A code injection flaw was found in the ruby-git package. • https://github.com/ruby-git/ruby-git https://github.com/ruby-git/ruby-git/pull/602 https://jvn.jp/en/jp/JVN16765254/index.html https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KPFLSZPUM7APWVBRM5DCAY5OUVQBF4K https://access.redhat.com/security/cve/CVE-2022-47318 https://bugzilla.redhat.com/show_bug.cgi?id=2159672 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2023-23589
https://notcve.org/view.php?id=CVE-2023-23589
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. La opción SafeSocks en Tor anterior a 0.4.7.13 tiene un error lógico en el que se puede usar el protocolo SOCKS4 inseguro pero no el protocolo SOCKS4a seguro, también conocido como TROVE-2022-002. • https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc https://gitlab.torproject.org/tpo/core/tor/-/issues/40730 https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes https://lists.debian.org/debian-lts-announce/2023/01/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYOLTP6HQO2HPXUYKOR7P5YYYN7CINQQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-23559
https://notcve.org/view.php?id=CVE-2023-23559
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. En rndis_query_oid en drivers/net/wireless/rndis_wlan.c en el kernel de Linux hasta 6.1.5, hay un desbordamiento de enteros en una suma. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich%40gmail.com https://security.netapp.com/advisory/ntap-20230302-0003 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-2196 – Speculative execution attacks in KVM VMX
https://notcve.org/view.php?id=CVE-2022-2196
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a A flaw was found in the KVM's Intel nested virtualization feature (nVMX). Since L1 and L2 shared branch prediction modes (guest-user and guest-kernel), KVM did not protect indirect branches in L1 from steering by a malicious agent in L2. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e7eab81425ad6c875f2ed47c0ce01e78afc38a5 https://kernel.dance/#2e7eab81425a https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://access.redhat.com/security/cve/CVE-2022-2196 https://bugzilla.redhat.com/show_bug.cgi?id=2160023 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-47655
https://notcve.org/view.php?id=CVE-2022-47655
Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short> Libde265 1.0.9 es vulnerable al desbordamiento del búfer en la función void put_qpel_fallback • https://github.com/strukturag/libde265/issues/367 https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html https://www.debian.org/security/2023/dsa-5346 • CWE-787: Out-of-bounds Write •