Total
9158 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-39188 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A | 4.7 MEDIUM |
An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. | |||||
CVE-2022-39177 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-11-21 | N/A | 8.8 HIGH |
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. | |||||
CVE-2022-39176 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-11-21 | N/A | 8.8 HIGH |
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. | |||||
CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | |||||
CVE-2022-38866 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
CVE-2022-38865 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
CVE-2022-38864 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. | |||||
CVE-2022-38863 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. | |||||
CVE-2022-38861 | 2 Debian, Mplayerhq | 2 Debian Linux, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c. | |||||
CVE-2022-38860 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
CVE-2022-38858 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
CVE-2022-38855 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video() of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
CVE-2022-38851 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
CVE-2022-38850 | 2 Debian, Mplayerhq | 2 Debian Linux, Mencoder | 2024-11-21 | N/A | 5.5 MEDIUM |
The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config() of libmpcodecs/vf_scale.c. | |||||
CVE-2022-38784 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Poppler | 2024-11-21 | N/A | 7.8 HIGH |
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | |||||
CVE-2022-38751 | 2 Debian, Snakeyaml Project | 2 Debian Linux, Snakeyaml | 2024-11-21 | N/A | 6.5 MEDIUM |
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow. | |||||
CVE-2022-38750 | 2 Debian, Snakeyaml Project | 2 Debian Linux, Snakeyaml | 2024-11-21 | N/A | 6.5 MEDIUM |
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow. | |||||
CVE-2022-38749 | 2 Debian, Snakeyaml Project | 2 Debian Linux, Snakeyaml | 2024-11-21 | N/A | 6.5 MEDIUM |
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow. | |||||
CVE-2022-38648 | 2 Apache, Debian | 2 Batik, Debian Linux | 2024-11-21 | N/A | 5.3 MEDIUM |
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14. | |||||
CVE-2022-38398 | 2 Apache, Debian | 2 Batik, Debian Linux | 2024-11-21 | N/A | 5.3 MEDIUM |
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a URL through the jar protocol. This issue affects Apache XML Graphics Batik 1.14. |