βΌ CVE-2022-45315 βΌ
π Read
via "National Vulnerability Database".
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45478 βΌ
π Read
via "National Vulnerability Database".
Telepad allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:Nπ Read
via "National Vulnerability Database".
βΌ CVE-2022-32596 βΌ
π Read
via "National Vulnerability Database".
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32624 βΌ
π Read
via "National Vulnerability Database".
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405923; Issue ID: ALPS07405923.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32629 βΌ
π Read
via "National Vulnerability Database".
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310774; Issue ID: ALPS07310774.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4269 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32625 βΌ
π Read
via "National Vulnerability Database".
In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ID: ALPS07326216.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32633 βΌ
π Read
via "National Vulnerability Database".
In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32621 βΌ
π Read
via "National Vulnerability Database".
In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32594 βΌ
π Read
via "National Vulnerability Database".
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32598 βΌ
π Read
via "National Vulnerability Database".
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32597 βΌ
π Read
via "National Vulnerability Database".
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45313 βΌ
π Read
via "National Vulnerability Database".
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32620 βΌ
π Read
via "National Vulnerability Database".
In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32622 βΌ
π Read
via "National Vulnerability Database".
In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07363786.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32631 βΌ
π Read
via "National Vulnerability Database".
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32630 βΌ
π Read
via "National Vulnerability Database".
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405966; Issue ID: ALPS07405966.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32628 βΌ
π Read
via "National Vulnerability Database".
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALPS07310780.π Read
via "National Vulnerability Database".
β Ping of death! FreeBSD fixes crashtastic bug in network tool β
π Read
via "Naked Security".
It's a venerable program, and this version had a venerable bug in it.π Read
via "Naked Security".
Naked Security
Ping of death! FreeBSD fixes crashtastic bug in network tool
Itβs a venerable program, and this version had a venerable bug in it.
βΌ CVE-2022-3837 βΌ
π Read
via "National Vulnerability Database".
The Uji Countdown WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).π Read
via "National Vulnerability Database".
βΌ CVE-2022-3892 βΌ
π Read
via "National Vulnerability Database".
The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.2 does not sanitize and escape Client IDs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)π Read
via "National Vulnerability Database".