71772 matches found
CVE-2022-31175
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...
CVE-2022-31606
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to denia...
CVE-2022-31607
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure...
CVE-2022-1872
Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page...
CVE-2022-1499
Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...
CVE-2022-32323
AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660...
CVE-2022-2304
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0...
CVE-2022-34918
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. The attacker can obtain root access, but must start with an...
CVE-2022-34903
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints e.g., use of GPGME are met, allows signature forgery via injection into the status line...
CVE-2021-40609
The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...
CVE-2022-33070
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors...
CVE-2021-41682
There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecmacompareecmanondirectstrings in JerryScript 2.4.0...
CVE-2022-2125
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
CVE-2022-30780
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service CPU consumption from stuck connections because connectionreadheadermore in connections.c has a typo that disrupts use of multiple read operations on large headers...
CVE-2022-26944
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONASCHEMA.xtrabackuphistory table. NOTE:...
CVE-2022-1462
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user to crash the...
CVE-2022-31744
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR 91.11, Thunderbird 102, Thunderbird 91.11, and Firefox 101...
CVE-2022-31620
In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...
CVE-2022-1529
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR 91.9.1...
CVE-2022-1771
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975...
CVE-2022-1552
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck commands activated relevant protections too late or no...
CVE-2022-1621
Heap buffer overflow in vimstrncpy findword in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution...
CVE-2022-27114
There is a vulnerability in htmldoc 1.9.16. In imageloadjpeg function image.cxx when it calls malloc,'img-width' and 'img-height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer...
CVE-2022-29914
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
CVE-2022-24735
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the potentially higher privileges of another Redis user. The Lua scri...
CVE-2022-21414
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2022-21435
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2022-21485
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...
CVE-2022-21426
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
CVE-2022-24851
LDAP Account Manager LAM is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and hence leads to stored XSS attacks. An authenticated user can store XSS...
CVE-2022-26361
IOMMU: RMRR VT-d and unity map AMD-Vi handling issues This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region...
CVE-2022-24790
Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. Thi...
CVE-2020-35501
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem...
CVE-2022-28202
An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...
CVE-2022-24771
Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses...
CVE-2022-24728
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content...
CVE-2021-23165
A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdfprepareoutpages, in ps-pdf.cxx may lead to execute arbitrary code and denial of service...
CVE-2021-32476
A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...
CVE-2022-26382
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox 98...
CVE-2022-26486
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...
CVE-2022-0545
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is...
CVE-2022-24585
A stored cross-site scripting XSS vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter...
CVE-2022-24586
A stored cross-site scripting XSS vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters...
CVE-2022-22754
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...
CVE-2022-23808
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...
CVE-2022-21291
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
CVE-2022-22743
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CVE-2022-22751
Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with...
CVE-2021-45930
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend called from QPainterPath::addPath and QPathClipper::intersect...
CVE-2021-23450
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function...