CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-31214 – Gentoo Linux Security Advisory 202305-19
https://notcve.org/view.php?id=CVE-2022-31214
09 Jun 2022 — A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of availa... • https://firejail.wordpress.com/download-2/release-notes • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-2000 – Out-of-bounds Write in vim/vim
https://notcve.org/view.php?id=CVE-2022-2000
07 Jun 2022 — Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. Una Escritura Fuera de Límites en el repositorio de GitHub vim/vim versiones anteriores a 8.2 It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31031 – Potential stack buffer overflow when parsing message as a STUN client
https://notcve.org/view.php?id=CVE-2022-31031
07 Jun 2022 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their applications, either by: setting a STUN server in their account/media config in PJSUA/PJSUA2 level, or directly using `pjlib-util/stun_simple` API. A patch is available in commit 450baca which should be included in the n... • https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 22EXPL: 10CVE-2022-32250 – Linux Kernel nf_tables_expr_destroy Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-32250
02 Jun 2022 — net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. El archivo net/netfilter/nf_tables_api.c en el kernel de Linux versiones hasta 5.18.1, permite a un usuario local (capaz de crear espacios de nombres de usuario/red) escalar privilegios a root porque una comprobación incorrecta de NFT_STATEFUL_EXPR conlleva a un uso de memoria previamen... • https://github.com/theori-io/CVE-2022-32250-exploit • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1968 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-1968
02 Jun 2022 — Use After Free in GitHub repository vim/vim prior to 8.2. Un Uso de Memoria Previamente Liberada en el repositorio GitHub vim/vim versiones anteriores a 8.2 It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the program to crash, use unexpected values, or execute arbitrary code. It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, o... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-416: Use After Free •
CVSS: 5.7EPSS: 0%CPEs: 20EXPL: 1CVE-2022-27774 – curl: credential leak on redirect
https://notcve.org/view.php?id=CVE-2022-27774
01 Jun 2022 — An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. Una vulnerabilidad de credenciales insuficientemente protegidas se presenta en curl versión 4.9 a e incluyen curl versión 7.82.0 están afectados que podría permitir a un atacante para extraer cred... • https://hackerone.com/reports/1543773 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-1652 – Ubuntu Security Notice USN-5582-1
https://notcve.org/view.php?id=CVE-2022-1652
31 May 2022 — Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. El Kernel de Linux podría permitir a un atacante local ejecutar código arbitrario en el sistema, causado por un fallo de uso de memoria previamente liberada concurrente en la función bad_f... • https://bugzilla.redhat.com/show_bug.cgi?id=1832397 • CWE-416: Use After Free •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1462 – kernel: possible race condition in drivers/tty/tty_buffers.c
https://notcve.org/view.php?id=CVE-2022-1462
31 May 2022 — An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. Se ha encontrado un fallo de lectura fuera de límites en el subsistema TeleTYpe del kernel de Linux. El problema es producido en la forma en que un usuario desenc... • https://bugzilla.redhat.com/show_bug.cgi?id=2078466 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-366: Race Condition within a Thread •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1942 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-1942
31 May 2022 — Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento de Búfer en la Región Heap de la Memoria en el repositorio de GitHub vim/vim versiones anteriores a 8.2 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-31001 – Out-of-bounds Read in Sofia-SIP
https://notcve.org/view.php?id=CVE-2022-31001
31 May 2022 — Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bound access when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this issue. Sofia-SIP es una biblioteca de agente de usuario del Protocolo de Iniciación de Sesión (SIP)... • https://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36 • CWE-125: Out-of-bounds Read •