| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-28796 |
416 |
|
|
2022-04-08 |
2022-05-12 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. |
|
2 |
CVE-2022-27650 |
276 |
|
|
2022-04-04 |
2022-04-13 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. |
|
3 |
CVE-2022-27649 |
276 |
|
|
2022-04-04 |
2022-05-14 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. |
|
4 |
CVE-2022-1304 |
125 |
|
Exec Code |
2022-04-14 |
2022-04-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. |
|
5 |
CVE-2022-1227 |
269 |
|
DoS |
2022-04-29 |
2022-05-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. |
|
6 |
CVE-2022-1048 |
362 |
|
|
2022-04-29 |
2022-05-11 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. |
|
7 |
CVE-2022-0996 |
613 |
|
|
2022-03-23 |
2022-04-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. |
|
8 |
CVE-2022-0918 |
|
|
DoS |
2022-03-16 |
2022-03-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing. |
|
9 |
CVE-2022-0853 |
401 |
|
+Info |
2022-03-11 |
2022-03-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability. |
|
10 |
CVE-2022-0759 |
295 |
|
|
2022-03-25 |
2022-04-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE). Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle attacks (MITM). |
|
11 |
CVE-2022-0711 |
835 |
|
DoS |
2022-03-02 |
2022-04-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability. |
|
12 |
CVE-2022-0671 |
400 |
|
|
2022-02-18 |
2022-02-26 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file. |
|
13 |
CVE-2021-45463 |
|
|
Exec Code |
2021-12-23 |
2022-02-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.34 are used in GIMP releases before 2.10.30; however, this does not imply that GIMP builds enable the vulnerable feature. |
|
14 |
CVE-2021-45078 |
787 |
|
DoS Overflow |
2021-12-15 |
2022-03-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. |
|
15 |
CVE-2021-43860 |
276 |
|
|
2022-01-12 |
2022-02-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the "xa.metadata" key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. Flatpak compares these permissions to the *actual* metadata, from the "metadata" file to ensure it wasn't lied to. However, the actual metadata contents are loaded in several places where they are read as simple C-style strings. That means that, if the metadata file includes a null terminator, only the content of the file from *before* the terminator gets compared to xa.metadata. Thus, any permissions that appear in the metadata file after a null terminator are applied at runtime but not shown to the user. So maliciously crafted apps can give themselves hidden permissions. Users who have Flatpaks installed from untrusted sources are at risk in case the Flatpak has a maliciously crafted metadata file, either initially or in an update. This issue is patched in versions 1.12.3 and 1.10.6. As a workaround, users can manually check the permissions of installed apps by checking the metadata file or the xa.metadata key on the commit metadata. |
|
16 |
CVE-2021-42781 |
787 |
|
Overflow |
2022-04-18 |
2022-04-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. |
|
17 |
CVE-2021-42780 |
252 |
|
|
2022-04-18 |
2022-04-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. |
|
18 |
CVE-2021-42779 |
416 |
|
|
2022-04-18 |
2022-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. |
|
19 |
CVE-2021-42778 |
672 |
|
|
2022-04-18 |
2022-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. |
|
20 |
CVE-2021-41819 |
565 |
|
|
2022-01-01 |
2022-05-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. |
|
21 |
CVE-2021-41817 |
|
|
DoS |
2022-01-01 |
2022-05-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. |
|
22 |
CVE-2021-40153 |
22 |
|
Dir. Trav. |
2021-08-27 |
2021-10-07 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination. |
|
23 |
CVE-2021-39251 |
476 |
|
|
2021-09-07 |
2021-11-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. |
|
24 |
CVE-2021-33285 |
787 |
|
DoS Overflow |
2021-09-07 |
2022-05-03 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild. |
|
25 |
CVE-2021-32027 |
119 |
|
Overflow |
2021-06-01 |
2021-09-14 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
26 |
CVE-2021-31918 |
200 |
|
+Info |
2021-05-06 |
2021-05-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality. |
|
27 |
CVE-2021-31916 |
787 |
|
+Priv +Info |
2021-05-06 |
2022-01-01 |
6.1 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Complete |
|
An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. |
|
28 |
CVE-2021-30500 |
476 |
|
DoS Exec Code |
2021-05-27 |
2021-06-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file. |
|
29 |
CVE-2021-26252 |
787 |
|
DoS Exec Code Overflow |
2022-02-24 |
2022-03-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in pspdf_prepare_page(),in ps-pdf.cxx may lead to execute arbitrary code and denial of service. |
|
30 |
CVE-2021-23214 |
89 |
|
Sql |
2022-03-04 |
2022-03-15 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. |
|
31 |
CVE-2021-20324 |
384 |
|
|
2022-04-18 |
2022-04-26 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
A flaw was found in WildFly Elytron. A variation to the use of a session fixation exploit when using Undertow was found despite Undertow switching the session ID after authentication. |
|
32 |
CVE-2021-20319 |
347 |
|
Bypass |
2022-03-04 |
2022-03-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed. |
|
33 |
CVE-2021-20318 |
502 |
|
Exec Code |
2021-12-23 |
2022-01-07 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage. |
|
34 |
CVE-2021-20305 |
787 |
|
|
2021-04-05 |
2021-12-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. |
|
35 |
CVE-2021-20289 |
209 |
|
|
2021-03-26 |
2022-05-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality. |
|
36 |
CVE-2021-20288 |
287 |
|
|
2021-04-15 |
2021-06-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
37 |
CVE-2021-20271 |
345 |
|
Exec Code |
2021-03-26 |
2021-12-10 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability. |
|
38 |
CVE-2021-20270 |
835 |
|
DoS |
2021-03-23 |
2021-12-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. |
|
39 |
CVE-2021-20267 |
345 |
|
DoS |
2021-05-28 |
2021-07-12 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
None |
Partial |
|
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected. |
|
40 |
CVE-2021-20252 |
20 |
|
DoS |
2021-02-23 |
2021-02-27 |
6.8 |
None |
Remote |
Low |
??? |
None |
None |
Complete |
|
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal server error resulting in denial of service. The highest threat from this vulnerability is to system availability. |
|
41 |
CVE-2021-20228 |
522 |
|
+Info |
2021-04-29 |
2021-12-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality. |
|
42 |
CVE-2021-20222 |
20 |
|
Exec Code |
2021-03-23 |
2021-05-19 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in keycloak. The new account console in keycloak can allow malicious code to be executed using the referrer URL. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
43 |
CVE-2021-20220 |
444 |
|
XSS +Info |
2021-02-23 |
2022-02-22 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity. |
|
44 |
CVE-2021-20218 |
22 |
|
Dir. Trav. |
2021-03-16 |
2021-03-25 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 |
|
45 |
CVE-2021-20201 |
400 |
|
DoS |
2021-05-28 |
2021-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection. |
|
46 |
CVE-2021-20198 |
306 |
|
Exec Code |
2021-02-23 |
2021-02-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated `/exec` requests to execute arbitrary commands within running containers. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
47 |
CVE-2021-20195 |
20 |
|
XSS |
2021-05-28 |
2021-06-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encoded and Javascript code being used to process the data. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
48 |
CVE-2021-20188 |
863 |
|
|
2021-02-11 |
2021-02-17 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
49 |
CVE-2021-20182 |
552 |
|
+Priv |
2021-02-23 |
2021-05-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
50 |
CVE-2021-20179 |
863 |
|
|
2021-03-15 |
2021-03-24 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity. |
