CVE-2022-0336

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

CVE-2021-3563

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity...

CVE-2022-2980

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259...

CVE-2022-36190

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gfisomdoviconfigget. This vulnerability was fixed in commit fef6242...

CVE-2022-35948

undici is an HTTP/1.1 client, written from scratch for Node.js.= [email protected] users are vulnerable to CRLF Injection on headers when using unsanitized input as request headers, more specifically, inside the content-type header. Example: import request from 'undici' const unsanitizedContentTypeInp...

CVE-2022-2622

Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file...

CVE-2022-25763

Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...

CVE-2022-30629

Non-random values for ticketageadd in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption...

CVE-2022-36359

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...

CVE-2022-34526

A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities...

CVE-2022-2415

Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

CVE-2022-1855

Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-1130

Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app...

CVE-2022-34520

Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function rbinfilextrloadbuffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service DOS via a crafted binary file...

CVE-2022-21547

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Federated. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2022-21539

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of th...

CVE-2022-2304

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0...

CVE-2022-25896

This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed...

CVE-2022-32089

MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component stselectlexunit::excludelevel...

CVE-2022-32081

MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepareinplaceaddvirtual at /storage/innobase/handler/handler0alter.cc...

CVE-2022-0085

Server-Side Request Forgery SSRF in GitHub repository dompdf/dompdf prior to 2.0.0...

CVE-2022-2120

OFFIS DCMTK's All versions prior to 3.6.7 service class user SCU is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution...

CVE-2022-33105

Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID...

CVE-2022-1836

Removed by vendor...

CVE-2022-2125

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...

CVE-2022-1783

Removed by vendor...

CVE-2022-31782

ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow...

CVE-2022-1882

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe postonenotification after freepipeinfo that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2022-31624

MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/serveraudit/serveraudit.c method logstatementex, the held lock lockbigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock...

CVE-2022-1678

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients...

CVE-2021-42612

A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...

CVE-2022-1771

Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975...

CVE-2021-33135

Uncontrolled resource consumption in the Linux kernel drivers for IntelR SGX may allow an authenticated user to potentially enable denial of service via local access...

CVE-2022-1537

file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privilege...

CVE-2022-27114

There is a vulnerability in htmldoc 1.9.16. In imageloadjpeg function image.cxx when it calls malloc,'img-width' and 'img-height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer...

CVE-2022-24823

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

CVE-2022-1534

Buffer Over-read at parserawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...

CVE-2022-24882

FreeRDP is a free implementation of the Remote Desktop Protocol RDP. In versions prior to 2.7.0, NT LAN Manager NTLM authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. Th...

CVE-2022-27135

xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service Segmentation fault or other unspecified effects by sending a crafted PDF file to the pdftoppm binary...

CVE-2022-24675

Removed by vendor...

CVE-2021-3624

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

CVE-2021-44502

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size of a memset that occurs in calls to utilformat in srunix/utiloutput.c...

CVE-2022-27383

MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component mystrcasecmp8bit, which is exploited via specially crafted SQL statements...

CVE-2022-27381

An issue in the component Field::setdefault of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...

CVE-2022-27418

Tcpreplay v4.4.1 has a heap-based buffer overflow in dochecksummath at /tcpedit/checksum.c...

CVE-2021-43177

As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password OTP for one and only one immediately trailing interval. CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N...

CVE-2022-28796

jbd2journalwaitupdates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transactiont race condition...

CVE-2022-0464

Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction...

CVE-2022-27651

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with...