CVSS: 10.0EPSS: 92%CPEs: 31EXPL: 5CVE-2022-37434 – zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
https://notcve.org/view.php?id=CVE-2022-37434
05 Aug 2022 — zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). zlib versiones hasta 1.2.12, presenta una lectura excesiva de búfer en la región heap de la memoria o desbordamiento de búfer en el archivo inflate.c por medio de un cam... • https://github.com/xen0bit/CVE-2022-37434_poc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 2CVE-2022-36123
https://notcve.org/view.php?id=CVE-2022-36123
29 Jul 2022 — The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. El kernel de Linux versiones anteriores a 5.18.13, carece de una determinada operación de borrado para el símbolo de inicio de bloque (.bss). Esto permite a usuarios del SO huésped Xen PV causar una denegación de servicio o conseguir privilegios • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13 •
CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0CVE-2022-36879 – kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice
https://notcve.org/view.php?id=CVE-2022-36879
27 Jul 2022 — An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.14. la función xfrm_expand_policies en el archivo net/xfrm/xfrm_policy.c puede causar que un refcount sea descartado dos veces A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the re... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 • CWE-911: Improper Update of Reference Count •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 0CVE-2022-1973 – Ubuntu Security Notice USN-5599-1
https://notcve.org/view.php?id=CVE-2022-1973
21 Jul 2022 — A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. Se encontró un defecto de uso de memoria previamente liberada en el kernel de Linux en la función log_replay en el archivo fs/ntfs3/fslog.c en el diario NTFS. Este fallo permite a un atacante local bloquear el sistema y conlleva a un problema de filtrado de información del kernel It was discovered that... • https://bugzilla.redhat.com/show_bug.cgi?id=2092542 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 6%CPEs: 20EXPL: 1CVE-2022-31160 – jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label
https://notcve.org/view.php?id=CVE-2022-31160
20 Jul 2022 — jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( "refresh" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing ... • https://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-2318 – Ubuntu Security Notice USN-6014-1
https://notcve.org/view.php?id=CVE-2022-2318
06 Jul 2022 — There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. Se presentan vulnerabilidades de uso de memoria previamente liberada causadas por el manejador del temporizador en el archivo net/rose/rose_timer.c de linux que permiten a atacantes bloquear el kernel de linux sin ningún privilegio Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did ... • https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 1CVE-2022-2097 – AES OCB fails to encrypt some bytes
https://notcve.org/view.php?id=CVE-2022-2097
05 Jul 2022 — AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). • https://github.com/PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu • CWE-325: Missing Cryptographic Step CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 31%CPEs: 22EXPL: 10CVE-2022-34918 – kernel: heap overflow in nft_set_elem_init()
https://notcve.org/view.php?id=CVE-2022-34918
04 Jul 2022 — An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.9. • https://packetstorm.news/files/id/168543 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-1025: Comparison Using Wrong Factors •
CVSS: 10.0EPSS: 58%CPEs: 12EXPL: 4CVE-2022-2274 – RSA implementation bug in AVX512IFMA instructions
https://notcve.org/view.php?id=CVE-2022-2274
01 Jul 2022 — The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machine... • https://github.com/Malwareman007/CVE-2022-2274 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 31EXPL: 1CVE-2022-32205 – Gentoo Linux Security Advisory 202212-01
https://notcve.org/view.php?id=CVE-2022-32205
28 Jun 2022 — A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-770: Allocation of Resources Without Limits or Throttling •