Total
8852 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3028 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-11-07 | N/A | 7.0 HIGH |
| A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | |||||
| CVE-2022-39958 | 3 Debian, Fedoraproject, Owasp | 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set | 2023-11-07 | N/A | 7.5 HIGH |
| The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. A restricted resource, access to which would ordinarily be detected, may be exfiltrated from the backend, despite being protected by a web application firewall that uses CRS. Short subsections of a restricted resource may bypass pattern matching techniques and allow undetected access. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively and to configure a CRS paranoia level of 3 or higher. | |||||
| CVE-2022-39957 | 3 Debian, Fedoraproject, Owasp | 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set | 2023-11-07 | N/A | 7.5 HIGH |
| The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can issue an HTTP Accept header field containing an optional "charset" parameter in order to receive the response in an encoded form. Depending on the "charset", this response can not be decoded by the web application firewall. A restricted resource, access to which would ordinarily be detected, may therefore bypass detection. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively. | |||||
| CVE-2022-39956 | 3 Debian, Fedoraproject, Owasp | 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set | 2023-11-07 | N/A | 9.8 CRITICAL |
| The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass for HTTP multipart requests by submitting a payload that uses a character encoding scheme via the Content-Type or the deprecated Content-Transfer-Encoding multipart MIME header fields that will not be decoded and inspected by the web application firewall engine and the rule set. The multipart payload will therefore bypass detection. A vulnerable backend that supports these encoding schemes can potentially be exploited. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised upgrade to 3.2.2 and 3.3.3 respectively. The mitigation against these vulnerabilities depends on the installation of the latest ModSecurity version (v2.9.6 / v3.0.8). | |||||
| CVE-2022-39955 | 3 Debian, Fedoraproject, Owasp | 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set | 2023-11-07 | N/A | 9.8 CRITICAL |
| The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates multiple character encoding schemes. A vulnerable back-end can potentially be exploited by declaring multiple Content-Type "charset" names and therefore bypassing the configurable CRS Content-Type header "charset" allow list. An encoded payload can bypass CRS detection this way and may then be decoded by the backend. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively. | |||||
| CVE-2022-39377 | 3 Debian, Fedoraproject, Sysstat Project | 3 Debian Linux, Fedora, Sysstat | 2023-11-07 | N/A | 7.8 HIGH |
| sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1. | |||||
| CVE-2022-39286 | 3 Debian, Fedoraproject, Jupyter | 3 Debian Linux, Fedora, Jupyter Core | 2023-11-07 | N/A | 8.8 HIGH |
| Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this issue. There are no known workarounds. | |||||
| CVE-2022-39261 | 4 Debian, Drupal, Fedoraproject and 1 more | 4 Debian Linux, Drupal, Fedora and 1 more | 2023-11-07 | N/A | 7.5 HIGH |
| Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an issue when the filesystem loader loads templates for which the name is a user input. It is possible to use the `source` or `include` statement to read arbitrary files from outside the templates' directory when using a namespace like `@somewhere/../some.file`. In such a case, validation is bypassed. Versions 1.44.7, 2.15.3, and 3.4.3 contain a fix for validation of such template names. There are no known workarounds aside from upgrading. | |||||
| CVE-2022-39190 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-11-07 | N/A | 5.5 MEDIUM |
| An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. | |||||
| CVE-2022-39188 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-11-07 | N/A | 4.7 MEDIUM |
| An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. | |||||
| CVE-2022-38784 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Poppler | 2023-11-07 | N/A | 7.8 HIGH |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | |||||
| CVE-2022-38178 | 4 Debian, Fedoraproject, Isc and 1 more | 4 Debian Linux, Fedora, Bind and 1 more | 2023-11-07 | N/A | 7.5 HIGH |
| By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | |||||
| CVE-2022-38177 | 4 Debian, Fedoraproject, Isc and 1 more | 4 Debian Linux, Fedora, Bind and 1 more | 2023-11-07 | N/A | 7.5 HIGH |
| By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | |||||
| CVE-2022-38076 | 3 Debian, Fedoraproject, Intel | 15 Debian Linux, Fedora, Dual Band Wireless-ac 3165 and 12 more | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-36359 | 2 Debian, Djangoproject | 2 Debian Linux, Django | 2023-11-07 | N/A | 8.8 HIGH |
| An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input. | |||||
| CVE-2022-36351 | 3 Debian, Fedoraproject, Intel | 15 Debian Linux, Fedora, Killer and 12 more | 2023-11-07 | N/A | 6.5 MEDIUM |
| Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2022-34918 | 4 Canonical, Debian, Linux and 1 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. | |||||
| CVE-2022-34903 | 4 Debian, Fedoraproject, Gnupg and 1 more | 5 Debian Linux, Fedora, Gnupg and 2 more | 2023-11-07 | 5.8 MEDIUM | 6.5 MEDIUM |
| GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. | |||||
| CVE-2022-34526 | 4 Debian, Fedoraproject, Libtiff and 1 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2023-11-07 | N/A | 6.5 MEDIUM |
| A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities. | |||||
| CVE-2022-33745 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2023-11-07 | N/A | 8.8 HIGH |
| insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary. | |||||