Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5188 | 6 Canonical, Debian, E2fsprogs Project and 3 more | 8 Ubuntu Linux, Debian Linux, E2fsprogs and 5 more | 2022-05-12 | 4.4 MEDIUM | 6.7 MEDIUM |
| A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. | |||||
| CVE-2022-1575 | 1 Diagrams | 1 Drawio | 2022-05-12 | 6.8 MEDIUM | 9.6 CRITICAL |
| Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app. | |||||
| CVE-2017-12652 | 2 Libpng, Netapp | 2 Libpng, Active Iq Unified Manager | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| libpng before 1.6.32 does not properly check the length of chunks against the user limit. | |||||
| CVE-2018-14337 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length. | |||||
| CVE-2018-12249 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c. | |||||
| CVE-2018-11743 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-10191 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code. | |||||
| CVE-2017-12166 | 2 Debian, Openvpn | 2 Debian Linux, Openvpn | 2022-05-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. | |||||
| CVE-2017-9527 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 6.8 MEDIUM | 7.8 HIGH |
| The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file. | |||||
| CVE-2022-25344 | 1 Olivetti | 2 D-color Mf3555, D-color Mf3555 Firmware | 2022-05-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application doesn't properly check parameters, sent in a /dvcset/sysset/set.cgi POST request via the arg01.Hostname field, before saving them on the server. In addition, the JavaScript malicious content is then reflected back to the end user and executed by the web browser. | |||||
| CVE-2022-25343 | 1 Olivetti | 2 D-color Mf3555, D-color Mf3555 Firmware | 2022-05-12 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Denial of Service. An unauthenticated attacker, who can send POST requests to the /download/set.cgi page by manipulating the failhtmfile variable, is able to cause interruption of the service provided by the Web Application. | |||||
| CVE-2022-25342 | 1 Olivetti | 2 D-color Mf3555, D-color Mf3555 Firmware | 2022-05-12 | 5.5 MEDIUM | 8.1 HIGH |
| An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Broken Access Control. It does not properly validate requests for access to data and functionality under the /mngset/authset path. By not verifying permissions for access to resources, it allows a potential attacker to view pages that are not allowed. | |||||
| CVE-2022-28796 | 4 Fedoraproject, Linux, Netapp and 1 more | 24 Fedora, Linux Kernel, Active Iq Unified Manager and 21 more | 2022-05-12 | 6.9 MEDIUM | 7.0 HIGH |
| jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | |||||
| CVE-2022-27882 | 1 Openbsd | 1 Openbsd | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation. | |||||
| CVE-2022-27881 | 1 Openbsd | 1 Openbsd | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation. | |||||
| CVE-2021-21958 | 1 Hancom | 1 Hancom Office 2020 | 2022-05-12 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-24448 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2022-05-12 | 1.9 LOW | 3.3 LOW |
| An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. | |||||
| CVE-2022-29938 | 1 Librehealth | 1 Librehealth Ehr | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter payment_id in interface\billing\new_payment.php via interface\billing\payment_master.inc.php leads to SQL injection. | |||||
| CVE-2022-29940 | 1 Librehealth | 1 Librehealth Ehr | 2022-05-12 | 3.5 LOW | 5.4 MEDIUM |
| In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\find_order_popup.php leads to multiple cross-site scripting (XSS) vulnerabilities. | |||||
| CVE-2022-29939 | 1 Librehealth | 1 Librehealth Ehr | 2022-05-12 | 3.5 LOW | 5.4 MEDIUM |
| In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters debug and InsId in interface\billing\sl_eob_process.php leads to multiple cross-site scripting (XSS) vulnerabilities. | |||||