CVSS: 7.8 • EPSS: 0% • CPEs: 6 • EXPL: 0

09 Jun 2022 — A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of availa... • https://firejail.wordpress.com/download-2/release-notes • CWE-269: Improper Privilege Management •

CVSS: 9.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

07 Jun 2022 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their applications, either by: setting a STUN server in their account/media config in PJSUA/PJSUA2 level, or directly using `pjlib-util/stun_simple` API. A patch is available in commit 450baca which should be included in the n... • https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •

CVSS: 7.8 • EPSS: 0% • CPEs: 5 • EXPL: 1

07 Jun 2022 — Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-787: Out-of-bounds Write •

CVSS: 8.8 • EPSS: 2% • CPEs: 22 • EXPL: 10

02 Jun 2022 — net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. • https://github.com/theori-io/CVE-2022-32250-exploit • CWE-416: Use After Free •

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 1

02 Jun 2022 — Use After Free in GitHub repository vim/vim prior to 8.2. It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the program to crash, use unexpected values, or execute arbitrary code. It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, o... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-416: Use After Free •

CVSS: 5.7 • EPSS: 0% • CPEs: 20 • EXPL: 1

01 Jun 2022 — An insufficiently protected credentials vulnerability exists in curl 4.9 up to and including curl 7.82.0. When curl follows HTTP(S) redirects while using authentication, it could leak credentials to other services that exist on different protocols or port numbers, which could allow an attacker to extract credentials. • https://hackerone.com/reports/1543773 • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.8 • EPSS: 0% • CPEs: 19 • EXPL: 0

31 May 2022 — The Linux kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=1832397 • CWE-416: Use After Free •

CVSS: 7.5 • EPSS: 0% • CPEs: 3 • EXPL: 1

31 May 2022 — Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bounds access when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this issue. • https://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36 • CWE-125: Out-of-bounds Read •

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 1

31 May 2022 — Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue. • https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba • CWE-125: Out-of-bounds Read •

CVSS: 9.8 • EPSS: 4% • CPEs: 2 • EXPL: 1

31 May 2022 — Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of an sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or a more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue. • https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •