|
391
|
6.1
-
|
MEDIUM
Network
|
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the vi…
|
CWE-79
Cross-site Scripting
|
CVE-2022-35653
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 16:11
2022-07-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
392
|
6.1
-
|
MEDIUM
Network
|
A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to foll…
|
CWE-79
Cross-site Scripting
|
CVE-2022-35651
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 16:11
2022-07-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
393
|
5.7
-
|
MEDIUM
Adjacent
|
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the…
|
NVD-CWE-Other
|
CVE-2022-2393
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 16:00
2022-07-15
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
394
|
6.5
4.3
|
MEDIUM
Network
|
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either b…
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-2211
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 16:00
2022-07-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
395
|
7.0
4.4
|
HIGH
Local
|
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some tr…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-3697
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.4:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 15:22
2022-07-7
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
396
|
4.5
6.9
|
MEDIUM
Local
|
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact ma…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-3696
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.4:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 15:22
2022-07-7
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
397
|
4.5
4.4
|
MEDIUM
Local
|
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution an…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-3695
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.4:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 15:22
2022-07-7
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
398
|
5.5
2.1
|
MEDIUM
Local
|
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of s…
|
-
|
CVE-2022-2078
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 16:00
2022-06-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
399
|
5.5
2.1
|
MEDIUM
Local
|
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-1852
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 15:41
2022-06-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
400
|
3.3
2.1
|
LOW
Local
|
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and k…
|
NVD-CWE-noinfo
|
CVE-2022-0987
|
cpe:2.3:o:redhat:enterprise_linux:9.0:*
|
|
|
|
|
2024-11-21 15:39
2022-06-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|