CVSS: 6.4EPSS: 6%CPEs: 20EXPL: 1CVE-2022-31160 – jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label
https://notcve.org/view.php?id=CVE-2022-31160
20 Jul 2022 — jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( "refresh" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing ... • https://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-2318 – Ubuntu Security Notice USN-6014-1
https://notcve.org/view.php?id=CVE-2022-2318
06 Jul 2022 — There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. Se presentan vulnerabilidades de uso de memoria previamente liberada causadas por el manejador del temporizador en el archivo net/rose/rose_timer.c de linux que permiten a atacantes bloquear el kernel de linux sin ningún privilegio Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did ... • https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 1CVE-2022-2097 – AES OCB fails to encrypt some bytes
https://notcve.org/view.php?id=CVE-2022-2097
05 Jul 2022 — AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). • https://github.com/PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu • CWE-325: Missing Cryptographic Step CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 31%CPEs: 22EXPL: 10CVE-2022-34918 – kernel: heap overflow in nft_set_elem_init()
https://notcve.org/view.php?id=CVE-2022-34918
04 Jul 2022 — An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.9. • https://packetstorm.news/files/id/168543 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-1025: Comparison Using Wrong Factors •
CVSS: 10.0EPSS: 58%CPEs: 12EXPL: 4CVE-2022-2274 – RSA implementation bug in AVX512IFMA instructions
https://notcve.org/view.php?id=CVE-2022-2274
01 Jul 2022 — The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machine... • https://github.com/Malwareman007/CVE-2022-2274 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 71%CPEs: 50EXPL: 1CVE-2022-2068 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-2068
21 Jun 2022 — In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where... • https://packetstorm.news/files/id/182466 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2022-1998 – kernel: fanotify misuses fd_install() which could lead to use-after-free
https://notcve.org/view.php?id=CVE-2022-1998
09 Jun 2022 — A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Se ha encontrado un uso de memoria previamente liberada en la funcionalidad de notificación del sistema de archivos del kernel de Linux en la forma en que el usuario activa la llamada copy_info_records_to_user() para fallar en copy_... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/notify/fanotify/fanotify_user.c?h=v5.17&id=ee12595147ac1fbfb5bcb23837e26dd58d94b15d • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2022-1671 – Ubuntu Security Notice USN-5469-1
https://notcve.org/view.php?id=CVE-2022-1671
08 Jun 2022 — A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. Se ha encontrado un fallo de desreferencia de puntero NULL en la función rxrpc_preparse_s en el archivo net/rxrpc/server_key.c en el kernel de Linux. Este fallo permite a un atacante local bloquear el sistema o filtrar información interna del kernel. It was discovered that the Linux kernel did not properly rest... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff8376ade4f668130385839cef586a0990f8ef87 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 1%CPEs: 22EXPL: 8CVE-2022-32250 – Linux Kernel nf_tables_expr_destroy Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-32250
02 Jun 2022 — net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. El archivo net/netfilter/nf_tables_api.c en el kernel de Linux versiones hasta 5.18.1, permite a un usuario local (capaz de crear espacios de nombres de usuario/red) escalar privilegios a root porque una comprobación incorrecta de NFT_STATEFUL_EXPR conlleva a un uso de memoria previamen... • https://github.com/theori-io/CVE-2022-32250-exploit • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2022-1786 – Debian Security Advisory 5161-1
https://notcve.org/view.php?id=CVE-2022-1786
31 May 2022 — A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system. Se encontró un fallo de uso de memoria previamente liberada en el subsistema io_uring del kernel de Linux en la forma en que un usuario configura un anillo con IORING_SETUP_IOPOLL con más de una tarea completando envíos en este anillo. E... • https://bugzilla.redhat.com/show_bug.cgi?id=2087760 • CWE-416: Use After Free CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •