CVE-2021-44577
Two heap-overflow vulnerabilities exist in openSUSE libsolv through 13 Dec 2020 bugs in the propagate function at src/solver.c: line 490 and 524.
Source: CVE-2021-44577
[월:] 2022년 02월
CVE-2021-44576
CVE-2021-44576
Two memory vulnerabilities exists in openSUSE libsolv through 13 Dec 2020 in the resolve_weak function at src/solver.c: line 2222 and 2249.
Source: CVE-2021-44576
CVE-2021-44571
CVE-2021-44571
A heap overflow vulnerability exisfts in openSUSE libsolv through 13 Dec 2020 in the prefer_suggested function at src/policy.c: line 442.
Source: CVE-2021-44571
CVE-2022-0563
CVE-2022-0563
A flaw was found in the Linux kernel’s util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.
Source: CVE-2022-0563
CVE-2021-44569
CVE-2021-44569
A heap-buffer openSUSE libsolv through 13 Dec 2020 exists in the solver_solve function at src/solver.c: line 3445.
Source: CVE-2021-44569
CVE-2021-44570
CVE-2021-44570
Two heap-overflow vulnerabilities exists in openSUSE/libsolv through 13 Dec 2020 in the bugs in the solver_get_recommendations funtion function at src/solver.c: line 4286 & line 4305 FOR_PROVIDES.
Source: CVE-2021-44570
CVE-2022-23983
CVE-2022-23983
Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4).
Source: CVE-2022-23983
CVE-2022-24295
CVE-2022-24295
Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL.
Source: CVE-2022-24295
CVE-2022-23984
CVE-2022-23984
Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
Source: CVE-2022-23984
CVE-2022-25599
CVE-2022-25599
Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin (versions <= 4.9.0).
Source: CVE-2022-25599