# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 | CVE-2023-27561 | 706 | | | 2023-03-03 | 2023-03-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. |
2 | CVE-2023-1095 | 476 | | | 2023-02-28 | 2023-03-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. |
3 | CVE-2023-0361 | 203 | | | 2023-02-15 | 2023-03-18 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. |
4 | CVE-2022-41862 | | | | 2023-03-03 | 2023-03-14 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. |
5 | CVE-2022-35653 | 79 | | Exec Code XSS | 2022-07-25 | 2022-07-28 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users. |
6 | CVE-2022-35651 | 79 | | Exec Code XSS | 2022-07-25 | 2022-07-29 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A stored XSS and blind SSRF vulnerability was found in Moodle; it occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. |
7 | CVE-2022-34303 | | | Exec Code Bypass | 2022-08-26 | 2022-09-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
8 | CVE-2022-34302 | | | Exec Code Bypass | 2022-08-26 | 2022-09-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
9 | CVE-2022-34301 | | | Exec Code Bypass | 2022-08-26 | 2022-09-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
10 | CVE-2022-32547 | 704 | | | 2022-06-16 | 2023-01-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. |
11 | CVE-2022-32546 | 190 | | | 2022-06-16 | 2022-06-30 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. |
12 | CVE-2022-32545 | 190 | | | 2022-06-16 | 2022-06-30 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. |
13 | CVE-2022-30600 | 682 | | Bypass | 2022-05-18 | 2022-06-13 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. |
14 | CVE-2022-30599 | 89 | | Sql | 2022-05-18 | 2022-06-13 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. |
15 | CVE-2022-30598 | | | | 2022-05-18 | 2022-06-13 | 4.0 | None | Remote | Low | ??? | Partial | None | None
A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it. |
16 | CVE-2022-30597 | | | | 2022-05-18 | 2022-06-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field. |
17 | CVE-2022-30596 | 79 | | XSS | 2022-05-18 | 2022-06-13 | 3.5 | None | Remote | Medium | ??? | None | Partial | None
A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. |
18 | CVE-2022-28796 | 416 | | | 2022-04-08 | 2022-05-12 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. |
19 | CVE-2022-27666 | 787 | | Overflow | 2022-03-23 | 2023-02-01 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. |
20 | CVE-2022-27651 | 276 | | | 2022-04-04 | 2022-09-03 | 4.9 | None | Remote | Medium | ??? | Partial | Partial | None
A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity. |
21 | CVE-2022-27650 | 276 | | | 2022-04-04 | 2022-11-28 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. |
22 | CVE-2022-27649 | 276 | | | 2022-04-04 | 2022-07-22 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. |
23 | CVE-2022-25310 | 119 | | DoS Overflow | 2022-09-06 | 2023-02-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. |
24 | CVE-2022-25309 | 122 | | DoS Overflow | 2022-09-06 | 2023-02-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service. |
25 | CVE-2022-25308 | 121 | | DoS Overflow | 2022-09-06 | 2023-02-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. |
26 | CVE-2022-23645 | 125 | | | 2022-02-18 | 2022-03-07 | 2.1 | None | Local | Low | Not required | None | None | Partial
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds. |
27 | CVE-2022-21682 | 22 | | Dir. Trav. | 2022-01-13 | 2022-02-10 | 4.0 | None | Remote | Low | ??? | None | Partial | None
Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will gain those permissions. Normally this will not be done, so this is not a problem. However, if `--mirror-screenshots-url` is specified, then flatpak-builder will launch `flatpak build --nofilesystem=host appstream-utils mirror-screenshots` after finalization, which can lead to issues even with the `--nofilesystem=host` protection. In normal use, the only issue is that these empty directories can be created wherever the user has write permissions. However, a malicious application could replace the `appstream-util` binary and potentially do something more hostile. This has been resolved in Flatpak 1.12.3 and 1.10.6 by changing the behaviour of `--nofilesystem=home` and `--nofilesystem=host`. |
28 | CVE-2022-4904 | 20 | | DoS Overflow | 2023-03-06 | 2023-03-14 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. |
29 | CVE-2022-4743 | 401 | | DoS | 2023-01-12 | 2023-02-09 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected. |
30 | CVE-2022-4285 | 476 | | DoS | 2023-01-27 | 2023-02-07 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. |
31 | CVE-2022-4283 | 416 | | Exec Code | 2022-12-14 | 2023-02-23 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. |
32 | CVE-2022-4254 | 90 | | | 2023-02-01 | 2023-02-09 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters |
33 | CVE-2022-4144 | 125 | | DoS | 2022-11-29 | 2023-01-27 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. |
34 | CVE-2022-3821 | 193 | | DoS | 2022-11-08 | 2022-12-02 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. |
35 | CVE-2022-3775 | 787 | | Exec Code Mem. Corr. | 2022-12-19 | 2022-12-28 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
When rendering certain unicode sequences, grub2's font code doesn't properly validate if the informed glyph's width and height is constrained within bitmap size. As a consequence, an attacker can craft an input which will lead to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. |
36 | CVE-2022-3715 | 787 | | Overflow | 2023-01-05 | 2023-02-24 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems. |
37 | CVE-2022-3707 | 415 | | | 2023-03-06 | 2023-03-14 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system. |
38 | CVE-2022-3560 | 22 | | +Priv Dir. Trav. | 2023-02-02 | 2023-02-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack. |
39 | CVE-2022-3500 | 248 | | | 2022-11-22 | 2023-02-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A vulnerability was found in keylime. This security issue happens in some circumstances: due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host, leaving it in an attested state but not verifying that anymore. |
40 | CVE-2022-3424 | 416 | | | 2023-03-06 | 2023-03-13 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system. |
41 | CVE-2022-2990 | 842 | | Exec Code | 2022-09-13 | 2023-02-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
Incorrect handling of the supplementary groups in the Buildah container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container. |
42 | CVE-2022-2989 | 842 | | Exec Code | 2022-09-13 | 2023-02-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
Incorrect handling of the supplementary groups in the Podman container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container. |
43 | CVE-2022-2964 | 119 | | Overflow | 2022-09-09 | 2023-01-20 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. |
44 | CVE-2022-2963 | 401 | | | 2022-10-14 | 2022-10-18 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A vulnerability was found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault. |
45 | CVE-2022-2938 | 416 | | Mem. Corr. | 2022-08-23 | 2023-01-20 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. |
46 | CVE-2022-2905 | 125 | | | 2022-09-09 | 2022-11-21 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. |
47 | CVE-2022-2873 | 131 | | | 2022-08-22 | 2023-03-03 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. |
48 | CVE-2022-2850 | 476 | | DoS | 2022-10-14 | 2023-02-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514. |
49 | CVE-2022-2639 | 787 | | | 2022-09-01 | 2023-01-20 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. |
50 | CVE-2022-2625 | 1321 | | | 2022-08-18 | 2022-12-02 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ???
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser. |