Total
1241 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-35922 | 2 Fedoraproject, Rust-websocket Project | 2 Fedora, Rust-websocket | 2024-11-21 | 7.5 High |
| Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When `Vec::with_capacity` fails to allocate, the default Rust allocator will abort the current process, killing all threads. This affects only sync (non-Tokio) implementation. Async version also does not limit memory, but does not use `with_capacity`, so DoS can happen only when bytes for oversized dataframe or message actually got delivered by the attacker. The crashes are fixed in version 0.26.5 by imposing default dataframe size limits. Affected users are advised to update to this version. Users unable to upgrade are advised to filter websocket traffic externally or to only accept trusted traffic. | ||||
| CVE-2022-35915 | 1 Openzeppelin | 4 Contracts, Contracts Upgradeable, Openzeppelin-eth and 1 more | 2024-11-21 | 5.3 Medium |
| OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 `supportsInterface` query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. The issue has been fixed in v4.7.2. Users are advised to upgrade. There are no known workarounds for this issue. | ||||
| CVE-2022-35724 | 1 Apache | 1 Avro | 2024-11-21 | 7.5 High |
| It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue. | ||||
| CVE-2022-35505 | 1 Triplecross Project | 1 Triplecross | 2024-11-21 | 7.5 High |
| A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client to the server. This occurs because there is no limit to the length of the output of the executed command. | ||||
| CVE-2022-35221 | 1 Teamplus | 1 Team\+ Pro | 2024-11-21 | 5.4 Medium |
| Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’ vulnerability on thread subject field. A remote attacker with general user privilege posting a thread subject with large content can cause the server to allocate too much memory, leading to missing partial post content and disrupt partial service. | ||||
| CVE-2022-35220 | 1 Teamplus | 1 Team\+ Pro | 2024-11-21 | 7.7 High |
| Teamplus Pro community discussion function has an ‘allocation of resource without limits or throttling’ vulnerability. A remote attacker with general user privilege posting a thread with large content can cause the receiving client device to allocate too much memory, leading to abnormal termination of this client’s Teamplus Pro application. | ||||
| CVE-2022-35219 | 2 Microsoft, Nhi | 2 Windows, Health Insurance Web Service Component | 2024-11-21 | 5.5 Medium |
| The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service. | ||||
| CVE-2022-35218 | 2 Microsoft, Nhi | 2 Windows, Health Insurance Web Service Component | 2024-11-21 | 5.5 Medium |
| The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service. | ||||
| CVE-2022-35111 | 1 Swftools | 1 Swftools | 2024-11-21 | 5.5 Medium |
| SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace const&) at /sanitizer_common/sanitizer_stackdepot.cpp. | ||||
| CVE-2022-35107 | 1 Swftools | 1 Swftools | 2024-11-21 | 5.5 Medium |
| SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c. | ||||
| CVE-2022-35089 | 1 Swftools | 1 Swftools | 2024-11-21 | 5.5 Medium |
| SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf. | ||||
| CVE-2022-35009 | 1 Pngdec Project | 1 Pngdec | 2024-11-21 | 6.5 Medium |
| PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux.cpp. | ||||
| CVE-2022-34917 | 2 Apache, Redhat | 2 Kafka, Amq Streams | 2024-11-21 | 7.5 High |
| A security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amounts of memory on brokers. This can lead to brokers hitting OutOfMemoryException and causing denial of service. Example scenarios: - Kafka cluster without authentication: Any clients able to establish a network connection to a broker can trigger the issue. - Kafka cluster with SASL authentication: Any clients able to establish a network connection to a broker, without the need for valid SASL credentials, can trigger the issue. - Kafka cluster with TLS authentication: Only clients able to successfully authenticate via TLS can trigger the issue. We advise the users to upgrade the Kafka installations to one of the 3.2.3, 3.1.2, 3.0.2, 2.8.2 versions. | ||||
| CVE-2022-34750 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 7.5 High |
| An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the Wikibase and WikibaseLexeme extensions. This is related to Special:NewLexeme and Special:NewProperty. | ||||
| CVE-2022-34439 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 5.3 Medium |
| Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node. | ||||
| CVE-2022-34308 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2024-11-21 | 5.5 Medium |
| IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437. | ||||
| CVE-2022-33749 | 1 Xen | 1 Xapi | 2024-11-21 | 5.3 Medium |
| XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out any tasks that require the opening of file descriptors. | ||||
| CVE-2022-32958 | 1 Teamplus | 1 Team\+ Pro | 2024-11-21 | 7.7 High |
| A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process. | ||||
| CVE-2022-32559 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 9.1 Critical |
| An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics. | ||||
| CVE-2022-32206 | 7 Debian, Fedoraproject, Haxx and 4 more | 35 Debian Linux, Fedora, Curl and 32 more | 2024-11-21 | 6.5 Medium |
| curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. | ||||