CWE:
 

Tytuł
Data
Autor
Low
OpenSSH 6.8 Insecure Functions
04.04.2015
NicholasL


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-05-11
Medium
CVE-2022-29932

Vendor: Primeur
Software: Spazio
 

 
The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request.

 
2022-05-04
High
CVE-2022-20785

Vendor: Clamav
Software: Clamav
 

 
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

 
Medium
CVE-2022-28487

Vendor: Broadcom
Software: Tcpreplay
 

 
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.

 
2022-05-03
Medium
CVE-2021-41959

Vendor: Jerryscript
Software: Jerryscript
 

 
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak.

 
Medium
CVE-2021-42218

Vendor: RICE
Software: Open motion ...
 

 
OMPL v1.5.2 contains a memory leak in VFRRT.cpp

 
2022-05-02
Low
CVE-2022-1515

Vendor: Matio project
Software: Matio
 

 
A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.

 
2022-04-12
Low
CVE-2022-23159

Vendor: DELL
Software: Emc powersca...
 

 
Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity.

 
2022-03-28
Low
CVE-2022-27950

Vendor: Linux
Software: Linux kernel
 

 
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition.

 
2022-03-23
Low
CVE-2022-0854

Vendor: Linux
Software: Linux kernel
 

 

 
2022-03-18
High
CVE-2022-0742

Vendor: Linux
Software: Linux kernel
 

 
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top