# |
CVE ID |
CWE ID |
# of Exploits |
Vulnerability Type(s) |
Publish Date |
Update Date |
Score |
Gained Access Level |
Access |
Complexity |
Authentication |
Conf. |
Integ. |
Avail. |
1 |
CVE-2022-30600 |
682 |
|
Bypass |
2022-05-18 |
2022-06-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
A flaw was found in Moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. |
2 |
CVE-2022-30599 |
89 |
|
Sql |
2022-05-18 |
2022-06-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
A flaw was found in Moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. |
3 |
CVE-2022-30598 |
|
|
|
2022-05-18 |
2022-06-13 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
A flaw was found in Moodle where global search results could include author information on some activities where a user may not otherwise have access to it. |
4 |
CVE-2022-30597 |
|
|
|
2022-05-18 |
2022-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A flaw was found in Moodle where the description user field was not hidden when being set as a hidden user field. |
5 |
CVE-2022-30596 |
79 |
|
XSS |
2022-05-18 |
2022-06-13 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
A flaw was found in Moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. |
6 |
CVE-2022-29968 |
909 |
|
|
2022-05-02 |
2023-02-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. |
7 |
CVE-2022-29869 |
668 |
|
+Info |
2022-04-28 |
2022-10-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. |
8 |
CVE-2022-29824 |
190 |
|
Overflow |
2022-05-03 |
2023-01-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. |
9 |
CVE-2022-29536 |
787 |
|
Overflow |
2022-04-20 |
2022-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. |
10 |
CVE-2022-29502 |
|
|
|
2022-05-05 |
2022-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. |
11 |
CVE-2022-29501 |
|
|
Exec Code |
2022-05-05 |
2022-09-09 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. |
12 |
CVE-2022-29500 |
668 |
|
|
2022-05-05 |
2022-09-09 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. |
13 |
CVE-2022-29162 |
276 |
|
|
2022-05-17 |
2023-03-27 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file. |
14 |
CVE-2022-29145 |
|
|
DoS |
2022-05-10 |
2022-10-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117. |
15 |
CVE-2022-29117 |
400 |
|
DoS |
2022-05-10 |
2022-05-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. |
16 |
CVE-2022-28919 |
79 |
|
XSS |
2022-05-12 |
2022-10-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename. |
17 |
CVE-2022-28390 |
415 |
|
|
2022-04-03 |
2023-02-01 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. |
18 |
CVE-2022-28389 |
415 |
|
|
2022-04-03 |
2023-01-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. |
19 |
CVE-2022-28388 |
415 |
|
|
2022-04-03 |
2023-01-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. |
20 |
CVE-2022-28327 |
|
|
|
2022-04-20 |
2023-02-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. |
21 |
CVE-2022-28048 |
682 |
|
|
2022-04-15 |
2022-05-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac. |
22 |
CVE-2022-28042 |
416 |
|
|
2022-04-15 |
2023-02-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
stb_image.h v2.27 was discovered to contain a heap-based use-after-free via the function stbi__jpeg_huff_decode. |
23 |
CVE-2022-28041 |
190 |
|
DoS Overflow |
2022-04-15 |
2023-02-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors. |
24 |
CVE-2022-27666 |
787 |
|
Overflow |
2022-03-23 |
2023-02-01 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. |
25 |
CVE-2022-27651 |
276 |
|
|
2022-04-04 |
2022-09-03 |
4.9 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
None |
A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity. |
26 |
CVE-2022-27650 |
276 |
|
|
2022-04-04 |
2022-11-28 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. |
27 |
CVE-2022-27649 |
276 |
|
|
2022-04-04 |
2022-07-22 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. |
28 |
CVE-2022-27470 |
787 |
|
|
2022-05-04 |
2022-05-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file. |
29 |
CVE-2022-27406 |
125 |
|
|
2022-04-22 |
2022-07-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. |
30 |
CVE-2022-27405 |
125 |
|
|
2022-04-22 |
2022-07-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. |
31 |
CVE-2022-27404 |
787 |
|
Overflow |
2022-04-22 |
2022-07-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. |
32 |
CVE-2022-27239 |
787 |
|
Overflow +Priv |
2022-04-27 |
2022-10-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. |
33 |
CVE-2022-27227 |
|
|
|
2022-03-25 |
2022-07-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. |
34 |
CVE-2022-27191 |
327 |
|
|
2022-03-18 |
2022-10-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. |
35 |
CVE-2022-26496 |
787 |
|
Overflow |
2022-03-06 |
2023-05-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with a large value as the length of the name. |
36 |
CVE-2022-26495 |
190 |
|
Overflow |
2022-03-06 |
2022-04-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages. |
37 |
CVE-2022-26490 |
120 |
|
Overflow |
2022-03-06 |
2023-01-20 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. |
38 |
CVE-2022-26361 |
|
|
Mem. Corr. |
2022-04-05 |
2022-06-16 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuously accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption. |
39 |
CVE-2022-26360 |
|
|
Mem. Corr. |
2022-04-05 |
2022-06-16 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuously accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption. |
40 |
CVE-2022-26359 |
|
|
Mem. Corr. |
2022-04-05 |
2022-07-29 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuously accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption. |
41 |
CVE-2022-26358 |
|
|
Mem. Corr. |
2022-04-05 |
2022-07-29 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuously accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption. |
42 |
CVE-2022-26357 |
362 |
|
Bypass |
2022-04-05 |
2022-07-01 |
6.2 |
None |
Local |
High |
Not required |
Complete |
Complete |
Complete |
Race in VT-d domain ID cleanup. Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the housekeeping structures has a race, allowing for VT-d domain IDs to be leaked and flushes to be bypassed. |
43 |
CVE-2022-26356 |
772 |
|
|
2022-04-05 |
2022-07-29 |
4.0 |
None |
Local |
High |
Not required |
None |
None |
Complete |
Racy interactions between dirty vram tracking and paging log dirty hypercalls. Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while another CPU is still in the process of tearing down the structures related to a previously enabled log dirty mode (XEN_DOMCTL_SHADOW_OP_OFF). This is due to lack of mutually exclusive locking between both operations and can lead to entries being added in already freed slots, resulting in a memory leak. |
44 |
CVE-2022-26126 |
119 |
|
Overflow |
2022-03-03 |
2022-07-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c. |
45 |
CVE-2022-25648 |
88 |
|
|
2022-04-19 |
2023-02-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The package git before 1.11.0 is vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. |
46 |
CVE-2022-25601 |
79 |
|
XSS |
2022-03-11 |
2022-04-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4). |
47 |
CVE-2022-25600 |
352 |
|
CSRF |
2022-03-11 |
2022-04-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). |
48 |
CVE-2022-25315 |
190 |
|
Overflow |
2022-02-18 |
2022-10-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. |
49 |
CVE-2022-25314 |
190 |
|
Overflow |
2022-02-18 |
2022-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. |
50 |
CVE-2022-25313 |
400 |
|
|
2022-02-18 |
2022-10-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. |