Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-29164 | 1 Argo Workflows Project | 1 Argo Workflows | 2022-05-17 | 4.6 MEDIUM | 7.1 HIGH |
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions an attacker can create a workflow which produces a HTML artifact containing an HTML file that contains a script which uses XHR calls to interact with the Argo Server API. The attacker emails the deep-link to the artifact to their victim. The victim opens the link, the script starts running. As the script has access to the Argo Server API (as the victim), so may read information about the victim’s workflows, or create and delete workflows. Note the attacker must be an insider: they must have access to the same cluster as the victim and must already be able to run their own workflows. The attacker must have an understanding of the victim’s system. We have seen no evidence of this in the wild. We urge all users to upgrade to the fixed versions. | |||||
CVE-2022-29171 | 1 Sourcegraph | 1 Sourcegraph | 2022-05-17 | 6.0 MEDIUM | 7.2 HIGH |
Sourcegraph is a fast and featureful code search and navigation engine. Versions before 3.38.0 are vulnerable to Remote Code Execution in the gitserver service. The Gitolite code host integration with Phabricator allows Sourcegraph site admins to specify a `callsignCommand`, which is used to obtain the Phabricator metadata for a Gitolite repository. An administrator who is able to edit or add a Gitolite code host and has administrative access to Sourcegraph’s bundled Grafana instance can change this command arbitrarily and run it remotely. This grants direct access to the infrastructure underlying the Sourcegraph installation. The attack requires: site-admin privileges on the instance of Sourcegraph, Administrative privileges on the bundled Grafana monitoring instance, Knowledge of the gitserver IP address or DNS name (if running in Kubernetes). This can be found through Grafana. The issue is patched in version 3.38.0. You may disable Gitolite code hosts. We still highly encourage upgrading regardless of workarounds. | |||||
CVE-2022-20117 | 1 Google | 1 Android | 2022-05-17 | 2.1 LOW | 5.5 MEDIUM |
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-217475903References: N/A | |||||
CVE-2022-20118 | 1 Google | 1 Android | 2022-05-17 | 6.9 MEDIUM | 7.0 HIGH |
In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205707793References: N/A | |||||
CVE-2022-20119 | 1 Google | 1 Android | 2022-05-17 | 2.1 LOW | 5.5 MEDIUM |
In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213170715References: N/A | |||||
CVE-2022-20120 | 1 Google | 1 Android | 2022-05-17 | 10.0 HIGH | 9.8 CRITICAL |
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A | |||||
CVE-2022-28973 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-05-17 | 7.8 HIGH | 7.5 HIGH |
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
CVE-2022-28972 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-05-17 | 7.8 HIGH | 7.5 HIGH |
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
CVE-2022-20121 | 1 Google | 1 Android | 2022-05-17 | 2.1 LOW | 5.5 MEDIUM |
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212573046References: N/A | |||||
CVE-2021-39738 | 1 Google | 1 Android | 2022-05-17 | 7.2 HIGH | 7.8 HIGH |
In CarSetings, there is a possible to pair BT device bypassing user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216190509 | |||||
CVE-2015-4142 | 3 Opensuse, Redhat, W1.fi | 7 Opensuse, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2022-05-17 | 4.3 MEDIUM | N/A |
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read. | |||||
CVE-2022-1214 | 2022-05-16 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2021-46380 | 2022-05-16 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: This is a duplicate to CVE-2022-22511 Notes: | |||||
CVE-2021-28090 | 2 Fedoraproject, Torproject | 2 Fedora, Tor | 2022-05-16 | 5.0 MEDIUM | 5.3 MEDIUM |
Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002. | |||||
CVE-2021-28089 | 2 Fedoraproject, Torproject | 2 Fedora, Tor | 2022-05-16 | 5.0 MEDIUM | 7.5 HIGH |
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001. | |||||
CVE-2021-30465 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Runc | 2022-05-16 | 6.0 MEDIUM | 8.5 HIGH |
runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition. | |||||
CVE-2021-28038 | 4 Debian, Linux, Netapp and 1 more | 5 Debian Linux, Linux Kernel, Cloud Backup and 2 more | 2022-05-16 | 4.9 MEDIUM | 6.5 MEDIUM |
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931. | |||||
CVE-2021-29629 | 1 Freebsd | 1 Freebsd | 2022-05-16 | 5.0 MEDIUM | 7.5 HIGH |
In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius(3) could allow malicious clients or servers to trigger denial of service in vulnerable servers or clients respectively. | |||||
CVE-2021-29628 | 1 Freebsd | 1 Freebsd | 2022-05-16 | 5.0 MEDIUM | 7.5 HIGH |
In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit. | |||||
CVE-2021-31229 | 2 Debian, Ezxml Project | 2 Debian Linux, Ezxml | 2022-05-16 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant. |