CVE-2022-1341
An issue was discovered in in bwm-ng v0.6.2. An arbitrary null write exists in get_cmdln_options() function in src/options.c.
Source: CVE-2022-1341
[월:] 2022년 04월
CVE-2021-42778
CVE-2021-42778
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
Source: CVE-2021-42778
CVE-2022-27652
CVE-2022-27652
A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
Source: CVE-2022-27652
CVE-2022-23976
CVE-2022-23976
Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to reset all data (posts / pages / media).
Source: CVE-2022-23976
CVE-2022-27529
CVE-2022-27529
A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing PICT, BMP, PSD or TIF file. This vulnerability may be exploited to execute arbitrary code.
Source: CVE-2022-27529
CVE-2022-27530
CVE-2022-27530
A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability may be exploited to execute arbitrary code.
Source: CVE-2022-27530
CVE-2022-27525
CVE-2022-27525
A malicious crafted .dwf file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current proces.
Source: CVE-2022-27525
CVE-2022-23975
CVE-2022-23975
Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to activate any installed plugin.
Source: CVE-2022-23975
CVE-2022-27526
CVE-2022-27526
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Source: CVE-2022-27526
CVE-2021-42782
CVE-2021-42782
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
Source: CVE-2021-42782