Total
5075 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0685 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. | |||||
| CVE-2022-0676 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. | |||||
| CVE-2022-0670 | 3 Fedoraproject, Linuxfoundation, Redhat | 3 Fedora, Ceph, Ceph Storage | 2023-11-07 | N/A | 9.1 CRITICAL |
| A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2. | |||||
| CVE-2022-0629 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0613 | 2 Fedoraproject, Uri.js Project | 2 Fedora, Uri.js | 2023-11-07 | 6.4 MEDIUM | 6.5 MEDIUM |
| Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. | |||||
| CVE-2022-0586 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 7.8 HIGH | 7.5 HIGH |
| Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0585 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0583 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0582 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0581 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0572 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0571 | 2 Fedoraproject, Phoronix-media | 3 Extra Packages For Enterprise Linux, Fedora, Phoronix Test Suite | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. | |||||
| CVE-2022-0562 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c. | |||||
| CVE-2022-0561 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712. | |||||
| CVE-2022-0559 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | |||||
| CVE-2022-0554 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0547 | 3 Debian, Fedoraproject, Openvpn | 3 Debian Linux, Fedora, Openvpn | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. | |||||
| CVE-2022-0546 | 3 Blender, Debian, Fedoraproject | 4 Blender, Debian Linux, Extra Packages For Enterprise Linux and 1 more | 2023-11-07 | 5.1 MEDIUM | 7.8 HIGH |
| A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution. | |||||
| CVE-2022-0523 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | |||||
| CVE-2022-0522 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. | |||||