CVE-2022-3235
Use After Free in GitHub repository vim/vim prior to 9.0.0490.
Source: CVE-2022-3235
CVE-2022-40775
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.
Source: CVE-2022-40775
CVE-2022-40774
An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize.
Source: CVE-2022-40774
CVE-2022-40769
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022.
Source: CVE-2022-40769
CVE-2022-25873
The package vuetify from 2.0.0-beta.4 and before 2.6.10 is vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the ‘eventName’ function within the VCalendar component.
Source: CVE-2022-25873
CVE-2022-40768
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
Source: CVE-2022-40768
CVE-2022-40766
Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a ‘" OR 1 = 1 -- - , <?php’ substring.
Source: CVE-2022-40766
CVE-2022-3234
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
Source: CVE-2022-3234
CVE-2022-3232
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5.
Source: CVE-2022-3232
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.
Source: CVE-2022-39960