CVE-2022-3371
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.
Source: CVE-2022-3371
[월:] 2022년 09월
CVE-2022-37461
CVE-2022-37461
Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page. There is a risk of an attacker retrieving patient information.
Source: CVE-2022-37461
CVE-2022-2529
CVE-2022-2529
sflow decode package does not employ sufficient packet sanitisation which can lead to a denial of service attack. Attackers can craft malformed packets causing the process to consume large amounts of memory resulting in a denial of service.
Source: CVE-2022-2529
CVE-2022-2922
CVE-2022-2922
Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0.
Source: CVE-2022-2922
CVE-2022-41850
CVE-2022-41850
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
Source: CVE-2022-41850
CVE-2022-41849
CVE-2022-41849
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
Source: CVE-2022-41849
CVE-2022-41848
CVE-2022-41848
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
Source: CVE-2022-41848
CVE-2022-41845
CVE-2022-41845
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h.
Source: CVE-2022-41845
CVE-2022-41846
CVE-2022-41846
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.
Source: CVE-2022-41846
CVE-2022-41844
CVE-2022-41844
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.
Source: CVE-2022-41844