CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2022-4170
https://notcve.org/view.php?id=CVE-2022-4170
The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. El paquete rxvt-unicode es vulnerable a la ejecución remota de código, en la extensión en segundo plano de Perl, cuando un atacante puede controlar los datos escritos en el terminal del usuario y se configuran ciertas opciones. • https://bugzilla.redhat.com/show_bug.cgi?id=2151597 https://security.gentoo.org/glsa/202310-20 https://www.openwall.com/lists/oss-security/2022/12/05/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4144 – QEMU: QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read
https://notcve.org/view.php?id=CVE-2022-4144
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. Se encontró una falla de lectura fuera de los límites en la emulación del dispositivo de visualización QXL en QEMU. La función qxl_phys2virt() no verifica el tamaño de la estructura a la que apunta la dirección física del invitado, lo que potencialmente lee más allá del final del espacio de la barra en páginas adyacentes. • https://bugzilla.redhat.com/show_bug.cgi?id=2148506 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html https://security.netapp.com/advisory/ntap-20230127-0012 https://access.redhat.com/security/cve/CVE-2022-4144 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-45152
https://notcve.org/view.php?id=CVE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems. This vulnerability allows a remote attacker to perform SSRF attacks. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920 https://bugzilla.redhat.com/show_bug.cgi?id=2142775 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB https://moodle.org/mod/foru • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-40316
https://notcve.org/view.php?id=CVE-2022-40316
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. El informe de intentos de actividad de H5P no filtró por grupos, lo que en el modo de grupos separados podría revelar información a profesores no editores sobre intentos/usuarios en grupos a los que no deberían tener acceso • https://bugzilla.redhat.com/show_bug.cgi?id=2128151 https://moodle.org/mod/forum/discuss.php?d=438395 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-40315
https://notcve.org/view.php?id=CVE-2022-40315
A limited SQL injection risk was identified in the "browse list of users" site administration page. Se ha identificado un riesgo limitado de inyección SQL en la página de administración del sitio "browse list of users" • https://bugzilla.redhat.com/show_bug.cgi?id=2128150 https://moodle.org/mod/forum/discuss.php?d=438394 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •