Todo Lists

Scheduled advisories

Advisory Group Package Severity Type
ASA-202410-1 AVG-2857 oath-toolkit High privilege escalation

Pending advisories

Group Package Severity Affected Fixed Ticket
AVG-2833 glibc, lib32-glibc Unknown 2.37-1 2.37-2
AVG-2844 libcue Critical 2.2.1-3 2.2.1-4
AVG-2845 curl, libcurl-gnutls, libcurl-compat High 8.3.0-1 8.4.0-1
AVG-2846 lib32-curl, lib32-libcurl-gnutls, lib32-libcurl-compat High 8.3.0-1 8.4.0-1
AVG-2852 nodejs High 21.7.1-1 21.7.2-1
AVG-2853 nodejs-lts-iron High 20.11.1-1 20.12.1-1
AVG-2854 nodejs-lts-hydrogen High 18.18.2-2 18.20.1-1
AVG-1390 openjpeg2 Medium 2.4.0-1 2.5.0-1
AVG-2178 aspell Medium 0.60.8-2 0.60.8-3 FS#71554
AVG-2396 libde265 Medium 1.0.8-1 1.0.10-1
AVG-2702 openssl Medium 1.1.1.n-1 1.1.1.o-1
AVG-2841 web-ext Medium 7.6.0-1 7.6.1-1
AVG-2848 openssl Medium 3.1.3-1 3.1.4-1
AVG-2849 lib32-openssl Medium 1:3.1.3-1 1:3.1.4-1
AVG-2856 krb5 Medium 1.21.2-1 1.21.3-1
AVG-1742 avahi Low 0.8+22+gfd482a7-3 1:0.8+r127+g55d783d-1

Bumped packages

Group Package Severity Affected Current Ticket
AVG-2847 minizip Critical 1:1.3-1 1:1.3.1-2 [core]
AVG-2762 grub High 2:2.06-5 2:2.12-3 [core]
AVG-2701 linux-lts High 5.15.14-1 6.6.56-1 [core-testing]
6.6.54-1 [core]
AVG-2275 nim High 1.4.8-1 2.0.8-1 [extra]
AVG-2272 exim High 4.95-2 4.98-1 [extra]
AVG-2190 jre8-openjdk-headless, jdk8-openjdk High 8.u292-1 8.422.u05-1 [extra]
AVG-2850 openjpeg2 Medium 2.5.0-3 2.5.2-1 [extra]
AVG-2765 openssl Medium 1.1.1.o-1 3.3.2-1 [core]
AVG-2721 libtiff Medium 4.3.0-2 4.7.0-1 [extra]
FS#74772
AVG-2683 linux-lts Medium 5.15.34-1 6.6.56-1 [core-testing]
6.6.54-1 [core]
AVG-2663 python-twisted Medium 21.7.0-4 24.3.0-2 [extra]
FS#74362
AVG-2646 teeworlds Medium 0.7.5-1 0.7.5-3 [extra]
AVG-2631 cpanminus Medium 1.7044-5 1.7047-2 [extra]
AVG-2630 perl Medium 5.34.0-3 5.40.0-1 [core]
AVG-2616 privoxy Medium 3.0.32-1 3.0.34-3 [extra]
AVG-2576 librecad Medium 2.1.3-6 2.2.0.2-2 [extra]
AVG-2520 libheif Medium 1.12.0-2 1.18.2-2 [extra]
AVG-2493 gitlab-gitaly Medium 14.3.0-3 17.4.2-1 [extra]
AVG-2406 redis Medium 6.2.6-1 7.2.5-1 [extra]
AVG-2405 libgig Medium 4.3.0-3 4.4.1-1 [extra]
AVG-2394 kube-apiserver Medium 1.23.0-1 1.31.1-1 [extra]
AVG-2367 openvpn Medium 2.5.5-1 2.6.12-1 [extra]
AVG-2345 linux Medium 5.15.8.arch1-1 6.11.3.arch1-1 [core-testing]
6.11.2.arch1-1 [core]
AVG-2313 apr Medium 1.7.0-3 1.7.5-3 [extra]
AVG-2264 perl Medium 5.34.0-3 5.40.0-1 [core]
AVG-2262 cpio Medium 2.13-2 2.15-2 [extra]
AVG-2186 lib32-libsndfile Medium 1.0.31-1 1.2.2-2 [multilib]
AVG-2142 prusa-slicer Medium 2.3.3-3 2.8.1-2 [extra]
AVG-2117 keystone Medium 0.9.2-2 0.9.2-6 [extra]
AVG-2114 tensorflow Medium 2.7.0-4 2.18rc0-1 [extra]
AVG-2111 dcraw Medium 9.28.0-2 9.28.0-5 [extra]
AVG-2102 nginx Medium 1.20.2-1 1.26.2-1 [extra]
AVG-2101 vsftpd Medium 3.0.3-7 3.0.5-1 [extra]
AVG-2100 sox Medium 14.4.2-7 14.4.2+r184+gf3094754-1 [extra]
AVG-2067 opendmarc Medium 1.4.1.1-2 1.4.2-4 [extra]
FS#72812
AVG-2048 ming Medium 0.4.8.r68.g04aee523-3 0.4.8.r68.g04aee523-6 [extra]
AVG-2014 lib32-libgcrypt15 Medium 1.5.6-5 1.5.6-8 [multilib]
AVG-2013 libgcrypt15 Medium 1.5.6-4 1.5.6-6 [extra]
AVG-1977 gocr Medium 0.52-2 0.52-3 [extra]
AVG-1957 python-flask-caching Medium 1.10.1-3 2.3.0-1 [extra]
AVG-1941 ansible-core Medium 2.12.1-1 2.17.5-1 [extra]
AVG-1892 wget Medium 1.21.3-1 1.24.5-3 [extra]
AVG-1881 linux-hardened Medium 5.15.7.hardened1-1 6.10.12.hardened1-1 [extra]
AVG-1880 linux-zen Medium 5.15.8.zen1-1 6.11.3.zen1-1 [extra-testing]
6.11.2.zen1-1 [extra]
AVG-1879 linux Medium 5.15.8.arch1-1 6.11.3.arch1-1 [core-testing]
6.11.2.arch1-1 [core]
AVG-1855 giflib Medium 5.2.1-2 5.2.2-1 [extra]
AVG-1823 gpac Medium 1:1.0.1-1 1:2.4.0-1 [extra]
AVG-1782 gnuchess Medium 6.2.9-1 6.2.9-3 [extra]
AVG-1676 upx Medium 3.96-2 4.2.4-1 [extra]
AVG-1516 evolution Medium 3.42.2-1 3.54.0-1 [extra]
AVG-1486 bitcoin-daemon Medium 22.0-1 27.1-1 [extra]
AVG-1441 python-m2crypto Medium 0.38.0-3 0.41.0-2 [extra]
AVG-1427 podofo Medium 0.9.7-1 0.10.3-1 [extra]
AVG-1420 xdg-utils Medium 1.1.3+19+g9816ebb-1 1.2.1-1 [extra]
AVG-1360 edk2-shell Medium 202111-4 202311-1 [extra]
AVG-1354 xerces-c Medium 3.2.3-5 3.2.5-2 [extra]
AVG-1346 phpldapadmin Medium 1.2.6.2-2 1.2.6.7-1 [extra]
AVG-1342 pass Medium 1.7.4-1 1.7.4-5 [extra]
AVG-2644 mruby Low 3.0.0-1 3.3.0-1 [extra]
AVG-2615 ruby-bundler Low 2.2.26-1 2.5.16-1 [extra-testing]
2.5.11-2 [extra]
AVG-2569 go-ethereum Low 1.10.13-1 1.14.11-1 [extra]
AVG-2537 lua52 Low 5.2.4-5 5.2.4-7 [extra]
AVG-2536 lua53 Low 5.3.6-1 5.3.6-3 [extra]
AVG-2404 faust Low 2.37.3-1 2.75.7-2 [extra]
AVG-2372 python-rencode Low 1.0.6-7 1.0.6-9 [extra]
AVG-2325 nasm Low 2.15.05-1 2.16.03-1 [extra]
AVG-2254 libelfin Low 0.3-2 0.3.r7.ge017276-1 [extra]
AVG-2207 darkhttpd Low 1.13-1 1.16-1 [extra]
AVG-2091 manuskript Low 0.12.0-1 0.16.1-1 [extra]
AVG-2089 python-mpmath Low 1.2.1-5 1.3.0-3 [extra]
AVG-2021 lib32-libjpeg6-turbo Low 1.5.3-2 1.5.3-3 [multilib]
AVG-1915 kube-apiserver, kubelet, kube-proxy, kube-scheduler, kube-controller-manager Low 1.23.0-1 1.31.1-1 [extra]
AVG-1896 samurai Low 1.2-2 1.2-3 [extra]
AVG-1777 vigra Low 1.11.1.r45+g8acd73a5-5 1.12.1-1 [extra]
AVG-1733 p7zip Low 1:17.04-3 1:17.05-2 [extra]
AVG-1673 kexec-tools Low 2.0.21-1 2.0.29-2 [extra]
AVG-1594 linux Low 5.15.8.arch1-1 6.11.3.arch1-1 [core-testing]
6.11.2.arch1-1 [core]
AVG-1370 python-jsonpickle Low 1.5.2-3 3.0.2-2 [extra]
AVG-1311 audacity Low 1:2.4.1-4 1:3.6.4-1 [extra]
AVG-1302 lua51 Low 5.1.5-9 5.1.5-12 [extra]
FS#68703
AVG-366 vorbis-tools Low 1.4.2-2 1.4.2-5 [extra]

Undetermined groups

Group Package Severity Affected Status
AVG-2725 containerd Unknown 1.6.0-2 Unknown
AVG-2764 ruby-puma High 5.6.3-1 Unknown
AVG-2780 wpewebkit Unknown 2.36.3-1 Unknown
AVG-2781 python-pyjwt Unknown 2.3.0-1 Unknown
AVG-2787 grails Critical 5.1.8-1 Unknown
AVG-2799 blender Unknown 17:3.0.1-6 Unknown
AVG-2809 python-django Unknown 4.1-1 Unknown
AVG-2816 squid Unknown 5.6-1 Unknown
AVG-2818 connman Unknown 1.41-1 Unknown
AVG-2820 wpewebkit Unknown 2.36.7-1 Unknown
AVG-2827 grunt-cli Unknown 1.5.2-1 Unknown
AVG-2834 linux-lts High 5.15.94-1 Unknown
AVG-2835 linux-hardened High 6.0.19-1 Unknown
AVG-2836 linux-zen High 6.0.12-1 Unknown
AVG-2842 libtiff Unknown 4.4.0-1 Unknown
AVG-2843 vim Unknown 9.0.1224-1 Unknown

Issues missing details

Issue Severity Remote Type Description
CVE-2023-25139 Unknown Unknown Unknown
buffer overflow in sprintf(3) due to a regression where after the refactor the...
CVE-2023-25136 Unknown Yes Unknown
pre-authentication double-free in unpriviledged sandboxed client process when the...
CVE-2023-25012 Unknown Unknown Unknown
Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device...
CVE-2023-23455 Unknown Unknown Insufficient validation
the return code of of tcf_classify is insufficiently validated before interpreting part of...
CVE-2023-23454 Unknown Unknown Denial of service
cbq_classify in net/sched/sch_cbq.c allows attackers to cause a denial of service...
CVE-2023-0433 Unknown Unknown Unknown
CVE-2023-0394 Unknown Unknown Unknown
memory corruption with IPV6_CHECKSUM socket option
CVE-2023-0288 Unknown Unknown Unknown
CVE-2023-0266 Unknown Unknown Unknown
CVE-2023-0122 Unknown Unknown Unknown
CVE-2023-0054 Unknown Unknown Unknown
CVE-2023-0049 Unknown Unknown Unknown
CVE-2022-48281 Unknown Unknown Unknown
CVE-2022-47946 Unknown Unknown Denial of service
use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the...
CVE-2022-47942 Unknown Unknown Unknown
heap-overflow in set_ntacl_dacl() when setting a malformed file attribute under the label...
CVE-2022-47941 Unknown Unknown Unknown
memory leak in smb2_handle_negotiate() under error conditions
CVE-2022-47940 Unknown Unknown Insufficient validation
smb2_write() and smb2_write_pipe do not avlidate the length when no padding is used
CVE-2022-47939 Unknown Unknown Unknown
use-after-free in smb2_tree_disconnect) when a danging pointer is accessed in compound requests
CVE-2022-47938 Unknown Unknown Unknown
out of bound read in smb2_tree_connnect
CVE-2022-47929 Unknown Unknown Unknown
null pointer dereference in net/sched/sch_api.c
CVE-2022-47629 Unknown Unknown Unknown
CVE-2022-47024 Unknown Unknown Unknown
CVE-2022-45141 Unknown Unknown Unknown
CVE-2022-43945 Unknown Unknown Unknown
send buffer overflow in NFSv2 READDIR
CVE-2022-4382 Unknown Unknown Unknown
use-after-free in in gadgetfs driver when concurrently mounting and unmounting the gadgetfs...
CVE-2022-4379 Unknown Unknown Unknown
CVE-2022-4378 Unknown Unknown Unknown
integer type confusion in get_proc_long
CVE-2022-43750 Unknown No Unknown
userspace can cause kernel memory corruption in drivers/usb/mon/mon_bin.c
CVE-2022-42898 Unknown Unknown Unknown
CVE-2022-42703 Unknown Unknown Unknown
CVE-2022-42329 Unknown Unknown Unknown
CVE-2022-42265 Unknown Unknown Unknown
CVE-2022-42264 Unknown Unknown Unknown
CVE-2022-42263 Unknown Unknown Unknown
CVE-2022-42259 Unknown Unknown Unknown
CVE-2022-42258 Unknown Unknown Unknown
CVE-2022-42257 Unknown Unknown Unknown
CVE-2022-42256 Unknown Unknown Unknown
CVE-2022-42255 Unknown Unknown Unknown
CVE-2022-42254 Unknown Unknown Unknown
CVE-2022-42012 Unknown Unknown Unknown
A message in non-native endianness with out-of-band Unix file descriptors would cause a...
CVE-2022-42011 Unknown Unknown Unknown
An invalid array of fixed-length elements where the length of the array is not a multiple...
CVE-2022-42010 Unknown Unknown Unknown
A syntactically invalid type signature with incorrectly nested parentheses and curly...
CVE-2022-41850 Unknown Unknown Unknown
CVE-2022-41849 Unknown No Unknown
use-after-free in ufx_ops_open() due to race condition with ufx_usb_disconnect() when...
CVE-2022-41767 Unknown Unknown Unknown
CVE-2022-41765 Unknown Unknown Unknown
CVE-2022-41556 Unknown Unknown Unknown
CVE-2022-41323 Unknown Unknown Unknown
CVE-2022-41318 Unknown Unknown Unknown
CVE-2022-41317 Unknown Unknown Unknown
CVE-2022-41218 Unknown Unknown Unknown
use-after-free when dvb_demux_open() is called between the two syncs of dvbdev->users and...
CVE-2022-40768 Unknown Unknown Unknown
CVE-2022-40674 Unknown Unknown Unknown
CVE-2022-40617 Unknown Unknown Unknown
CVE-2022-40307 Unknown Unknown Unknown
CVE-2022-39842 Unknown Unknown Unknown
I pxa3xx_gcu_write defined in  drivers/video/fbdev/pxa3xx-gcu.c, a count parameter of type...
CVE-2022-3977 Unknown Unknown Unknown
CVE-2022-3970 Unknown Unknown Unknown
CVE-2022-3910 Unknown Unknown Unknown
CVE-2022-38784 Unknown Unknown Unknown
CVE-2022-38178 Unknown Unknown Unknown
CVE-2022-38171 Unknown Unknown Unknown
CVE-2022-38023 Unknown Unknown Unknown
CVE-2022-37967 Unknown Unknown Unknown
CVE-2022-37966 Unknown Unknown Unknown
CVE-2022-37797 Unknown Unknown Unknown
CVE-2022-37436 Unknown Unknown Unknown
CVE-2022-36946 Unknown Yes Denial of service
nfqnl_mangle in net/netfilter/nfnetlink_queue.c allows remote attackers to cause a denial...
CVE-2022-36879 Unknown Unknown Unknown
double xfrm_pols_put() in xfrm_bundle_lookup()
CVE-2022-36760 Unknown Unknown Unknown
CVE-2022-3649 Unknown Unknown Unknown
use-after-free in nilfs_new_inode in fs/nilfs2/inode.c
CVE-2022-3646 Unknown Unknown Unknown
memory leak when nilfs_attach_log_writer() fails to create a log writer thread
CVE-2022-3643 Unknown Unknown Unknown
CVE-2022-3636 Unknown Unknown Unknown
CVE-2022-36359 Unknown Unknown Unknown
CVE-2022-3635 Unknown Unknown Unknown
CVE-2022-36280 Unknown Unknown Unknown
CVE-2022-3628 Unknown Unknown Unknown
CVE-2022-3627 Unknown Unknown Unknown
CVE-2022-3623 Unknown Unknown Unknown
CVE-2022-3621 Unknown Unknown Unknown
CVE-2022-3619 Unknown Unknown Unknown
CVE-2022-3606 Unknown Unknown Unknown
CVE-2022-3599 Unknown Unknown Unknown
CVE-2022-3597 Unknown Unknown Unknown
CVE-2022-3594 Unknown Unknown Unknown
CVE-2022-3591 Unknown Unknown Unknown
CVE-2022-3586 Unknown Unknown Unknown
potential use-after-free in sch_sfb enqueue()
CVE-2022-3570 Unknown Unknown Unknown
CVE-2022-3567 Unknown Unknown Unknown
CVE-2022-3566 Unknown Unknown Unknown
CVE-2022-3565 Unknown Unknown Unknown
CVE-2022-3564 Unknown Unknown Unknown
CVE-2022-3545 Unknown Unknown Unknown
use-after-free in nfp6000_area_init in drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c
CVE-2022-3543 Unknown Unknown Unknown
memory leaks in net/unix/af_unix.c
CVE-2022-35410 Unknown No Directory traversal
mat2 before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process....
CVE-2022-3541 Unknown Unknown Unknown
use after free in spl2sw_nvmem_get_mac_address
CVE-2022-3534 Unknown Unknown Unknown
CVE-2022-3524 Unknown Unknown Denial of service
memory leak in ipv6_renew_options() when one thread is converting an IPv6 socket into IPv4...
CVE-2022-3515 Unknown Unknown Unknown
CVE-2022-3492 Unknown Unknown Unknown
CVE-2022-34912 Unknown Unknown Unknown
CVE-2022-34911 Unknown Unknown Unknown
CVE-2022-34903 Unknown Unknown Unknown
CVE-2022-34684 Unknown Unknown Unknown
CVE-2022-34682 Unknown Unknown Unknown
CVE-2022-34680 Unknown Unknown Unknown
CVE-2022-34679 Unknown Unknown Unknown
CVE-2022-34678 Unknown Unknown Unknown
CVE-2022-34677 Unknown Unknown Unknown
CVE-2022-34676 Unknown Unknown Unknown
CVE-2022-34674 Unknown Unknown Unknown
CVE-2022-34673 Unknown Unknown Unknown
CVE-2022-34670 Unknown Unknown Unknown
CVE-2022-34526 Unknown Unknown Unknown
CVE-2022-34495 Unknown Unknown Unknown
double-free in rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c
CVE-2022-34494 Unknown Unknown Unknown
CVE-2022-3437 Unknown Unknown Unknown
CVE-2022-33981 Unknown Unknown Unknown
CVE-2022-3324 Unknown Unknown Unknown
CVE-2022-3303 Unknown Unknown Unknown
CVE-2022-32893 Unknown Unknown Unknown
CVE-2022-32891 Unknown Unknown Unknown
CVE-2022-32886 Unknown Unknown Unknown
CVE-2022-32745 Medium Yes Unknown
Samba AD users can crash the server process with an LDAP add or modify request.
CVE-2022-3256 Unknown Unknown Unknown
CVE-2022-3239 Unknown Unknown Unknown
CVE-2022-32296 Unknown Unknown Unknown
tcp clients could be fingerprinted due to insufficient randomness when selecting the source port
CVE-2022-32293 Unknown Unknown Unknown
CVE-2022-32292 Unknown Unknown Unknown
CVE-2022-32208 Unknown Unknown Unknown
CVE-2022-32207 Unknown Unknown Unknown
CVE-2022-32206 Unknown Unknown Unknown
CVE-2022-31813 Low Unknown Authentication bypass
Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin...
CVE-2022-31748 High Yes Arbitrary code execution
CVE-2022-31747 High Yes Arbitrary code execution
CVE-2022-31745 Medium Unknown Unknown
If array shift operations are not used, the Garbage Collector may have become confused...
CVE-2022-31743 Medium Yes Unknown
Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an...
CVE-2022-31742 Medium Unknown Information disclosure
An attacker could have exploited a timing attack by sending a large number of...
CVE-2022-31740 Unknown Unknown Unknown
CVE-2022-31739 Unknown Unknown Unknown
CVE-2022-31626 Unknown Unknown Unknown
CVE-2022-31625 Unknown Unknown Unknown
CVE-2022-3140 Unknown Unknown Unknown
links using that scheme could be constructed to call internal macros with arbitrary...
CVE-2022-31091 Unknown Unknown Unknown
CVE-2022-31090 Unknown Unknown Unknown
CVE-2022-31043 Unknown Unknown Unknown
CVE-2022-31042 Unknown Unknown Unknown
CVE-2022-31030 Unknown No Denial of service
programs inside a container can cause the containerd daemon to consume memory without bound...
CVE-2022-3099 Unknown Unknown Unknown
CVE-2022-3080 Unknown Unknown Unknown
CVE-2022-30789 Unknown Unknown Unknown
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array...
CVE-2022-30788 Unknown Unknown Unknown
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in...
CVE-2022-30786 Unknown Unknown Unknown
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in...
CVE-2022-30784 Unknown Unknown Unknown
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G...
CVE-2022-3061 Unknown Unknown Unknown
CVE-2022-30594 Medium Unknown Access restriction bypass
The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the...
CVE-2022-30556 Low Unknown Information disclosure
Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread()...
CVE-2022-30550 Unknown Unknown Unknown
CVE-2022-30522 Low Unknown Denial of service
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts...
CVE-2022-3028 Unknown Unknown Unknown
race-condition with xfrm_probe_algs() in net/key/af_key.c
CVE-2022-29824 Medium Unknown Arbitrary code execution
Integer overflow in xmlBuf (buf.c) and xmlBuffer (tree.c) can lead to out-of-bounds memory...
CVE-2022-2978 Unknown Unknown Unknown
In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails,...
CVE-2022-2953 Unknown Unknown Unknown
CVE-2022-29404 Low Unknown Denial of service
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls...
CVE-2022-29248 Unknown Unknown Unknown
CVE-2022-29217 Unknown Unknown Unknown
CVE-2022-29187 Unknown Unknown Unknown
CVE-2022-29156 High Unknown Unknown
double free related to rtrs_clt_dev_release in drivers/infiniband/ulp/rtrs/rtrs-clt.c
CVE-2022-28739 High Unknown Information disclosure
out-of-bounds read in string-to-float conversion
CVE-2022-28738 Unknown Unknown Arbitrary code execution
double-free in Regexp compilation
CVE-2022-28734 High Yes Unknown
When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data...
CVE-2022-2873 Unknown Unknown Unknown
CVE-2022-2869 Unknown Unknown Unknown
CVE-2022-2868 Unknown Unknown Unknown
CVE-2022-2867 Unknown Unknown Unknown
CVE-2022-28615 Low Unknown Information disclosure
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read...
CVE-2022-28614 Low Unknown Unknown
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended...
CVE-2022-28388 High Unknown Unknown
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1...
CVE-2022-28330 Unknown Unknown Unknown
CVE-2022-28288 Medium Unknown Arbitrary code execution
Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla...
CVE-2022-28287 Low Unknown Unknown
In unusual circumstances, selecting text could cause text selection caching to behave...
CVE-2022-28285 Medium Unknown Unknown
When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was...
CVE-2022-28284 Medium Unknown Unknown
SVG's <use> element could have been used to load unexpected content that could have...
CVE-2022-28283 Medium Unknown Unknown
The sourceMapURL feature in devtools was missing security checks that would have allowed a...
CVE-2022-28282 Medium Unknown Unknown
By using a link with rel="localization" a use-after-free could have been triggered by...
CVE-2022-28209 Critical Unknown Unknown
An issue was discovered in Mediawiki through 1.37.1. The check for the override-antispoof...
CVE-2022-28206 Critical Unknown Unknown
An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidator.php in the...
CVE-2022-28205 Critical Unknown Unknown
An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a...
CVE-2022-28203 Unknown Unknown Unknown
CVE-2022-28201 Unknown Unknown Unknown
CVE-2022-28192 Unknown Unknown Unknown
CVE-2022-28191 Unknown Unknown Unknown
CVE-2022-28185 Unknown Unknown Unknown
CVE-2022-28184 Unknown Unknown Unknown
CVE-2022-28183 Unknown Unknown Unknown
CVE-2022-28181 Unknown Unknown Unknown
CVE-2022-28144 Medium Yes Unknown
Jenkins Proxmox Plugin 0.7.0 and earlier does not perform a permission check in several...
CVE-2022-28142 High Yes Unknown
Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally...
CVE-2022-28139 Medium Yes Unknown
A missing permission check in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows...
CVE-2022-28137 Medium Yes Unknown
A missing permission check in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and...
CVE-2022-28134 Medium Yes Unknown
Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not perform permission...
CVE-2022-2795 Unknown Unknown Unknown
CVE-2022-27942 Unknown Unknown Unknown
tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c
CVE-2022-27941 Unknown Unknown Unknown
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in...
CVE-2022-27940 Unknown Unknown Unknown
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c
CVE-2022-27939 Unknown Unknown Unknown
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c
CVE-2022-27820 Medium Unknown Unknown
ZAP proxy does not verify the certificate chain of the HTTPS servers it connects to
CVE-2022-27782 Medium Unknown Unknown
libcurl would reuse a previously created connection even when a TLS or SSH related option...
CVE-2022-27781 Low Unknown Unknown
libcurl provides the `CURLOPT_CERTINFO` option to allow applications to request details to...
CVE-2022-27780 Medium Unknown Unknown
The curl URL parser wrongly accepts percent-encoded URL separators like '/' when decoding...
CVE-2022-27779 Medium Unknown Unknown
libcurl wrongly allows HTTP cookies to be set for Top Level Domains (TLDs) if the host name...
CVE-2022-27778 Medium Unknown Unknown
If curl adds a number to not "clobber" the output and an error occurs during transfer, the...
CVE-2022-27666 High Unknown Unknown
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c...
CVE-2022-27337 Unknown Unknown Unknown
CVE-2022-27223 High Unknown Unknown
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint...
CVE-2022-26966 Medium Unknown Unknown
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows...
CVE-2022-26878 Medium Unknown Unknown
drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket...
CVE-2022-26710 Unknown Unknown Unknown
CVE-2022-2663 Unknown Unknown Unknown
CVE-2022-26490 High Unknown Unknown
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel...
CVE-2022-26387 High Unknown Unknown
When installing an add-on, Thunderbird verified the signature before prompting the user;...
CVE-2022-26386 Low No Unknown
Previously Thunderbird for macOS and Linux would download temporary files to a...
CVE-2022-26384 High Yes Unknown
If an attacker could control the contents of an iframe sandboxed with allow-popups but not...
CVE-2022-26383 High Yes Unknown
When resizing a popup after requesting fullscreen access, the popup would not display the...
CVE-2022-26377 Medium Yes Unknown
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in...
CVE-2022-26307 Unknown Unknown Unknown
CVE-2022-26306 Unknown Unknown Unknown
CVE-2022-26305 Unknown Unknown Unknown
CVE-2022-2581 Unknown Unknown Unknown
CVE-2022-2539 Medium Yes Unknown
Unauthorized users can filter issues by contact and organization
CVE-2022-25375 Medium Unknown Information disclosure
RNDIS USB gadget in drivers/usb/gadget/function/rndis.c lacks validation of the size of the...
CVE-2022-2534 Low Yes Unknown
GitLab was returning contributor emails due to improper data handling in the Datadog integration
CVE-2022-25310 Unknown No Unknown
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the...
CVE-2022-25309 Unknown No Unknown
A heap-based buffer overflow flaw was found in the Fribidi package and affects the...
CVE-2022-2521 Unknown Unknown Unknown
CVE-2022-2520 Unknown Unknown Unknown
CVE-2022-2519 Unknown Unknown Unknown
CVE-2022-2512 Medium Yes Unknown
Membership changes are not reflected in TODO for confidential notes, allowing a former...
CVE-2022-2503 Unknown Unknown Unknown
CVE-2022-2500 Medium Yes Unknown
stored XSS in job error messages allows attackers to perform arbitrary actions on behalf of...
CVE-2022-2497 Medium Yes Unknown
A malicious maintainer could exfiltrate an integration's access token by modifying the...
CVE-2022-24959 Medium Unknown Unknown
An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in...
CVE-2022-24958 High Unknown Unknown
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
CVE-2022-24883 Unknown Yes Authentication bypass
freerpd servers using authentication against a SAM file with an invalid path configured...
CVE-2022-24790 Unknown Yes Unknown
Puma behind a proxy that does not properly validate that the incoming HTTP request matches...
CVE-2022-24761 High Yes Unknown
waitress behind a proxy that does not properly validate the incoming HTTP request matches...
CVE-2022-24713 Low Unknown Unknown
The rust regex crate did not properly prevent crafted regular expressions from taking an...
CVE-2022-2456 Medium Yes Unknown
It may be possible for malicious group or project maintainers to change their corresponding...
CVE-2022-24303 Unknown Unknown Unknown
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames...
CVE-2022-2417 Medium Yes Unknown
gitlab allows an authenticated and authorised user to import a project that includes branch...
CVE-2022-24070 High Yes Unknown
While looking up path-based authorization rules, mod_dav_svn servers may attempt to use...
CVE-2022-23901 Unknown Unknown Unknown
A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc.
CVE-2022-23833 Unknown Unknown Unknown
CVE-2022-23648 Unknown Unknown Information disclosure
containers launched through containerd’s CRI implementation with a specially-crafted image...
CVE-2022-23634 High Yes Unknown
puma may not always call close on the response body. Rails, prior to version 7.0.2.2,...
CVE-2022-2345 Unknown Unknown Unknown
CVE-2022-23308 High Unknown Arbitrary code execution
Use-after-free of ID and IDREF attributes in valid.c
CVE-2022-2326 Medium Yes Unknown
It may be possible to gain access to a private project through an email invite by using...
CVE-2022-2318 Unknown Unknown Unknown
CVE-2022-23098 Unknown Unknown Unknown
CVE-2022-23097 Unknown Unknown Unknown
CVE-2022-23096 Unknown Unknown Unknown
CVE-2022-2307 Low Yes Unknown
gitlab allows a malicious Group Owner to retain a usable Group Access Token even after the...
CVE-2022-2303 Medium Yes Unknown
It may be possible for group members to bypass 2FA enforcement enabled at the group level...
CVE-2022-22818 Unknown Unknown Unknown
CVE-2022-22817 Unknown Unknown Unknown
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such...
CVE-2022-22816 Unknown Unknown Unknown
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization...
CVE-2022-22815 Unknown Unknown Unknown
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path
CVE-2022-22677 Unknown Unknown Unknown
CVE-2022-22662 Unknown Unknown Unknown
CVE-2022-22637 High Yes Unknown
A logic issue was addressed with improved state management. A malicious website may cause...
CVE-2022-2153 Unknown No Denial of service
NULL pointer dereference in kvm_irq_delivery_to_apic_fast() could cause the the host to crash
CVE-2022-21499 Unknown Unknown Unknown
KGDB and KDB allow read and write access to kernel memory but were not restricted during lockdown
CVE-2022-21496 Medium Yes Unknown
CVE-2022-21476 High Yes Unknown
CVE-2022-21443 Low Yes Unknown
CVE-2022-21434 Medium Yes Unknown
CVE-2022-21426 Medium Yes Unknown
CVE-2022-2095 Medium Yes Unknown
gitlab allows a malicious authenticated user to view a public project's Deploy Key's public...
CVE-2022-20803 Unknown Yes Arbitrary code execution
possible double-free vulnerability in the OLE2 file parser
CVE-2022-20796 Medium Unknown Unknown
possible NULL-pointer dereference crash in the scan verdict cache check
CVE-2022-20792 Unknown Yes Arbitrary code execution
possible multi-byte heap buffer overflow write vulnerability in the signature database load module
CVE-2022-2058 Unknown Unknown Unknown
CVE-2022-2057 Unknown Unknown Unknown
CVE-2022-2056 Unknown Unknown Unknown
CVE-2022-1975 Medium Unknown Unknown
a sleep called in an atomic context could cause kernel panic during nfc firmware download
CVE-2022-1919 Low Unknown Unknown
An attacker could have caused an uninitialized variable on the stack to be mistakenly...
CVE-2022-1876 Low Unknown Unknown
Heap buffer overflow in DevTools
CVE-2022-1875 Low Unknown Unknown
Inappropriate implementation in PDF
CVE-2022-1874 Low Unknown Unknown
Insufficient policy enforcement in Safe Browsing
CVE-2022-1873 Low Unknown Unknown
Insufficient policy enforcement in COOP
CVE-2022-1872 Low Unknown Unknown
Insufficient policy enforcement in Extensions API
CVE-2022-1871 Low Unknown Unknown
Insufficient policy enforcement in File System API
CVE-2022-1870 Medium Unknown Unknown
Use after free in App Service
CVE-2022-1869 Medium Unknown Unknown
Type Confusion in V8
CVE-2022-1868 Medium Unknown Unknown
Inappropriate implementation in Extensions API
CVE-2022-1867 Medium Unknown Unknown
Insufficient validation of untrusted input in Data Transfer
CVE-2022-1866 Medium Unknown Unknown
Use after free in Tablet Mode
CVE-2022-1865 Medium Unknown Unknown
Use after free in Bookmarks
CVE-2022-1864 Medium Unknown Unknown
Use after free in WebApp Installs
CVE-2022-1863 Medium Unknown Unknown
Use after free in Tab Groups
CVE-2022-1862 Medium Unknown Unknown
Inappropriate implementation in Extensions
CVE-2022-1789 Unknown Unknown Unknown
CVE-2022-1736 Unknown Unknown Unknown
CVE-2022-1734 High No Unknown
possible use-after-free due to race condition when simulating NFC device from user space
CVE-2022-1652 Unknown Unknown Unknown
A concurrency use-after-free was found in the Linux kernel.
CVE-2022-1641 Medium Unknown Unknown
Use after free in Web UI Diagnostics.
CVE-2022-1640 High Unknown Unknown
Use after free in Sharing.
CVE-2022-1639 High Unknown Unknown
Use after free in ANGLE.
CVE-2022-1638 High Unknown Unknown
Heap buffer overflow in V8 Internationalization.
CVE-2022-1637 High Unknown Unknown
Inappropriate implementation in Web Contents.
CVE-2022-1636 High Unknown Unknown
Use after free in Performance APIs.
CVE-2022-1635 High Unknown Unknown
Use after free in Permission Prompts.
CVE-2022-1634 High Unknown Unknown
Use after free in Browser UI.
CVE-2022-1633 High Unknown Unknown
Use after free in Sharesheet.
CVE-2022-1623 Unknown Unknown Unknown
CVE-2022-1622 Unknown Unknown Unknown
CVE-2022-1537 Unknown Unknown Unknown
file.copy operations in GruntJS are vulnerable to a TOC-TOU race condition leading to...
CVE-2022-1516 Unknown Unknown Unknown
A NULL pointer dereference flaw in the implementation of the X.25 set of standardized...
CVE-2022-1510 Medium Unknown Denial of service
GitLab all versions starting from 13.9 before 14.8.6, all versions starting from 14.9...
CVE-2022-1462 Medium No Unknown
a local user can use a race condition in `drivers/tty/tty_buffers.c` to cause a memory leak...
CVE-2022-1460 Medium Unknown Access restriction bypass
GitLab all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before...
CVE-2022-1433 Low Unknown Unknown
Missing invalidation of Markdown caching causes potential payloads from a previously...
CVE-2022-1431 Medium Unknown Denial of service
GitLab all versions starting from 12.10 before 14.8.6, all versions starting from 14.9...
CVE-2022-1428 Medium Unknown Denial of service
GitLab all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all...
CVE-2022-1426 Low Unknown Authentication bypass
GitLab from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions...
CVE-2022-1423 High Unknown Arbitrary code execution
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions...
CVE-2022-1417 Medium Unknown Authentication bypass
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before...
CVE-2022-1416 Medium Unknown Unknown
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all...
CVE-2022-1413 Medium Unknown Information disclosure
Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before...
CVE-2022-1406 Medium Unknown Insufficient validation
Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6,...
CVE-2022-1353 Unknown Unknown Unknown
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux...
CVE-2022-1352 Medium Unknown Information disclosure
Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all...
CVE-2022-1328 Unknown Unknown Unknown
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before...
CVE-2022-1292 Medium Unknown Unknown
The c_rehash script does not properly sanitise shell metacharacters to prevent command...
CVE-2022-1205 Unknown Unknown Unknown
There are NPD and use-after-free vulnerabilities in net/ax25/ax25_timer.c of linux that...
CVE-2022-1204 Unknown Unknown Unknown
There are use-after-free vulnerabilities in net/ax25/af_ax25.c of linux that allow attacker...
CVE-2022-1199 Unknown Unknown Unknown
There are null-ptr-deref vulnerability and use-after-free vulnerabilities in...
CVE-2022-1198 Unknown Unknown Unknown
There are use-after-free vulnerabilities in drivers/net/hamradio/6pack.c of linux that...
CVE-2022-1197 Medium Unknown Unknown
When importing a revoked key that specified key compromise as the revocation reason,...
CVE-2022-1196 Medium Unknown Unknown
After a VR Process is destroyed, a reference to it may have been retained and used, leading...
CVE-2022-1195 Unknown Unknown Unknown
A use-after-free vulnerability was found in drivers/net/hamradio in the Linux kernel. In...
CVE-2022-1172 Medium Unknown Unknown
Null Pointer Dereference Caused Segmentation Fault in gpac prior to 2.1.0-DEV
CVE-2022-1158 Unknown Unknown Unknown
Linux Kernel v5.2+: x86/kvm: cmpxchg_gpte can write to pfns outside the userspace region
CVE-2022-1124 Medium Unknown Information disclosure
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions...
CVE-2022-1106 Unknown Unknown Unknown
use after free in mrb_vm_exec in mruby prior to 3.2
CVE-2022-1096 High Yes Unknown
It is a type confusion weakness in the Chrome V8 JavaScript engine. Google is aware that an...
CVE-2022-1048 Unknown Unknown Unknown
race condition in snd_pcm_hw_free leading to use-after-free
CVE-2022-1016 Unknown Unknown Unknown
CVE-2022-1016 pertains to uninitialized stack data in the nft_do_chain routine....
CVE-2022-1015 Unknown Unknown Unknown
CVE-2022-1015 pertains to an out of bounds access in nf_tables expression evaluation due to...
CVE-2022-1012 Unknown Unknown Unknown
CVE-2022-0854 Medium Unknown Unknown
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls...
CVE-2022-0843 Medium Unknown Arbitrary code execution
Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory...
CVE-2022-0812 Unknown Unknown Unknown
CVE-2022-0617 Medium Unknown Unknown
A NULL pointer dereference was found in the Linux kernel’s UDF file system functionality in...
CVE-2022-0546 Unknown Unknown Unknown
CVE-2022-0545 Unknown Unknown Unknown
CVE-2022-0544 Unknown Unknown Unknown
CVE-2022-0500 Unknown Unknown Unknown
CVE-2022-0494 Medium Unknown Unknown
A kernel information leak flaw was identified in the scsi_ioctl function in...
CVE-2022-0436 Unknown Unknown Unknown
file.copy operations in GruntJS are not protected against symlink traversal for both source...
CVE-2022-0419 Medium Unknown Unknown
NULL pointer dereference in load_buffer
CVE-2022-0417 Unknown Unknown Unknown
CVE-2022-0392 Unknown Unknown Unknown
CVE-2022-0358 High No Unknown
In the QEMU virtio-fs shared file system daemon (virtiofsd) a local guest user can create...
CVE-2022-0168 Unknown Unknown Unknown
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info...
CVE-2021-46829 Unknown Unknown Arbitrary code execution
heap buffer overflow when composing or clearing frames in GIF files
CVE-2021-44975 Unknown Unknown Unknown
Buffer Overflow via /libr/core/anal_objc.c mach-o parser
CVE-2021-44974 Unknown Unknown Unknown
NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser
CVE-2021-44879 Medium Unknown Unknown
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not...
CVE-2021-44856 Unknown Unknown Unknown
CVE-2021-44855 Unknown Unknown Unknown
CVE-2021-44854 Unknown Unknown Unknown
CVE-2021-4207 High Unknown Unknown
In the QXL display device emulation in QEMU. A double fetch of guest controlled values...
CVE-2021-4197 High Unknown Unknown
An unprivileged write to the file handler flaw in the Linux kernel's control groups and...
CVE-2021-4192 High Unknown Unknown
use-after-free in win_linetabsize()
CVE-2021-4156 High Unknown Unknown
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker...
CVE-2021-41136 Low Yes Unknown
Using puma with a proxy which forwards LF characters as line endings could allow HTTP...
CVE-2021-33655 Unknown Unknown Unknown
CVE-2021-28544 Medium Unknown Information disclosure
Subversion servers reveal 'copyfrom' paths that should be hidden according to configured...
CVE-2006-20001 Unknown Unknown Unknown

Orphan issues

Issue Severity Remote Type Description
CVE-2020-23904 Medium Yes Arbitrary code execution
A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of...
CVE-2021-4206 High No Arbitrary code execution
An integer overflow in the cursor_alloc() function of the QXL display device emulation can...
CVE-2021-4207 High Unknown Unknown
In the QXL display device emulation in QEMU. A double fetch of guest controlled values...
CVE-2021-45046 Medium Yes Denial of service
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete...
CVE-2022-0358 High No Unknown
In the QEMU virtio-fs shared file system daemon (virtiofsd) a local guest user can create...
CVE-2022-0494 Medium Unknown Unknown
A kernel information leak flaw was identified in the scsi_ioctl function in...
CVE-2022-0617 Medium Unknown Unknown
A NULL pointer dereference was found in the Linux kernel’s UDF file system functionality in...
CVE-2022-0854 Medium Unknown Unknown
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls...
CVE-2022-0987 Low No Information disclosure
A vulnerability was found in PackageKit in the way some of the methods exposed by the...
CVE-2022-1011 High No Privilege escalation
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user...
CVE-2022-1106 Unknown Unknown Unknown
use after free in mrb_vm_exec in mruby prior to 3.2
CVE-2022-1172 Medium Unknown Unknown
Null Pointer Dereference Caused Segmentation Fault in gpac prior to 2.1.0-DEV
CVE-2022-1215 High No Privilege escalation
Format string vulnerability in evdev device handling
CVE-2022-1328 Unknown Unknown Unknown
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before...
CVE-2022-1348 Medium No Denial of service
The state file is used to prevent parallel executions of multiple instances of logrotate by...
CVE-2022-1462 Medium No Unknown
a local user can use a race condition in `drivers/tty/tty_buffers.c` to cause a memory leak...
CVE-2022-1652 Unknown Unknown Unknown
A concurrency use-after-free was found in the Linux kernel.
CVE-2022-1852 Medium No Denial of service
executing an illegal instruction in a kvm guest on an intel cpu causes a null pointer dereference
CVE-2022-22815 Unknown Unknown Unknown
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path
CVE-2022-22816 Unknown Unknown Unknown
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization...
CVE-2022-22817 Unknown Unknown Unknown
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such...
CVE-2022-23901 Unknown Unknown Unknown
A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc.
CVE-2022-24303 Unknown Unknown Unknown
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames...
CVE-2022-24448 Low No Information disclosure
A flaw was found in the Linux kernel. When an application tries to open a directory (using...
CVE-2022-24903 High Yes Arbitrary code execution
A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft...
CVE-2022-24958 High Unknown Unknown
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
CVE-2022-24959 Medium Unknown Unknown
An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in...
CVE-2022-25258 Medium No Denial of service
NULL pointer dereference in the kernel's USB gadget subsystem allows a local user to crash...
CVE-2022-25308 Medium No Denial of service
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an...
CVE-2022-25309 Unknown No Unknown
A heap-based buffer overflow flaw was found in the Fribidi package and affects the...
CVE-2022-25310 Unknown No Unknown
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the...
CVE-2022-25375 Medium Unknown Information disclosure
RNDIS USB gadget in drivers/usb/gadget/function/rndis.c lacks validation of the size of the...
CVE-2022-26353 High No Arbitrary code execution
the fix for CVE-2021-3748 forgot to unmap the cached virtqueue elements on error, leading...
CVE-2022-26354 Low No Denial of service
In case of error in the vhost-vsock device, an invalid element was not detached from the...
CVE-2022-26691 High No Authentication bypass
CUPS requires users to demonstrate root/admin level access to perform various printer...
CVE-2022-26878 Medium Unknown Unknown
drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket...
CVE-2022-26966 Medium Unknown Unknown
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows...
CVE-2022-27223 High Unknown Unknown
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint...
CVE-2022-27820 Medium Unknown Unknown
ZAP proxy does not verify the certificate chain of the HTTPS servers it connects to
CVE-2022-27939 Unknown Unknown Unknown
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c
CVE-2022-27940 Unknown Unknown Unknown
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c
CVE-2022-27941 Unknown Unknown Unknown
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in...
CVE-2022-27942 Unknown Unknown Unknown
tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c
CVE-2022-28330 Unknown Unknown Unknown
CVE-2022-29156 High Unknown Unknown
double free related to rtrs_clt_dev_release in drivers/infiniband/ulp/rtrs/rtrs-clt.c
CVE-2022-29581 High No Privilege escalation
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local...
CVE-2022-30594 Medium Unknown Access restriction bypass
The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the...
CVE-2022-31739 Unknown Unknown Unknown
CVE-2022-31740 Unknown Unknown Unknown