|
421
|
4.3
4.0
|
MEDIUM
Network
|
Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badg…
|
CWE-863
Incorrect Authorization
|
CVE-2022-0984
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:39
2022-04-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
422
|
8.2
4.6
|
HIGH
Local
|
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor…
|
CWE-362 CWE-120
Race Condition Classic Buffer Overflow
|
CVE-2021-4207
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 15:37
2022-04-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
423
|
8.2
4.6
|
HIGH
Local
|
A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-base…
|
CWE-190 CWE-120 CWE-131
Integer Overflow or Wraparound Classic Buffer Overflow Incorrect Calculation of Buffer Size
|
CVE-2021-4206
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 15:37
2022-04-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
424
|
7.1
3.6
|
HIGH
Local
|
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system cras…
|
NVD-CWE-noinfo
|
CVE-2022-1353
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 15:40
2022-04-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
425
|
8.8
6.8
|
HIGH
Network
|
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability…
|
CWE-269
Improper Privilege Management
|
CVE-2022-1227
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:40
2022-04-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
426
|
7.0
6.9
|
HIGH
Local
|
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PC…
|
CWE-362 CWE-416
Race Condition Use After Free
|
CVE-2022-1048
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 15:39
2022-04-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
427
|
5.3
5.0
|
MEDIUM
Network
|
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-42781
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:28
2022-04-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
428
|
5.3
5.0
|
MEDIUM
Network
|
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
|
CWE-252
Unchecked Return Value
|
CVE-2021-42780
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:28
2022-04-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
429
|
5.3
5.0
|
MEDIUM
Network
|
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
|
CWE-416
Use After Free
|
CVE-2021-42779
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:28
2022-04-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
430
|
5.3
5.0
|
MEDIUM
Network
|
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
|
CWE-415
Double Free
|
CVE-2021-42778
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:28
2022-04-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|