CVE-2022-2906
An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
Source: CVE-2022-2906
CVE-2022-2881
The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.
Source: CVE-2022-2881
CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver’s performance, effectively denying legitimate clients access to the DNS resolution service.
Source: CVE-2022-2795
CVE-2022-2872
Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.
Source: CVE-2022-2872
CVE-2022-0495
The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.
Source: CVE-2022-0495
CVE-2022-41222
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
Source: CVE-2022-41222
CVE-2022-40604
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.
Source: CVE-2022-40604
CVE-2022-2315
Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2.
Source: CVE-2022-2315
CVE-2022-40754
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver’s `/confirm` endpoint.
Source: CVE-2022-40754
CVE-2022-41218
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
Source: CVE-2022-41218