CVE-2022-48174

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

Source: CVE-2022-48174

CVE-2022-48564

read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.

Source: CVE-2022-48564

CVE-2022-48560

A use-after-free exists in Python through 3.9 via heappushpop in heapq.

Source: CVE-2022-48560

CVE-2022-48554

File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.

Source: CVE-2022-48554

CVE-2022-48547

A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at auth_changepassword.php.

Source: CVE-2022-48547

CVE-2022-48545

An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.

Source: CVE-2022-48545

CVE-2022-48065

GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.

Source: CVE-2022-48065

CVE-2022-47008

An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.

Source: CVE-2022-47008

CVE-2022-45582

Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.

Source: CVE-2022-45582

CVE-2022-48063

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

Source: CVE-2022-48063