Report A 2022-10-18 12 04 54

This document provides a summary of vulnerabilities identified by an agent module on October 18, 2022. It includes 14 vulnerabilities affecting various packages and components including Samba, Libxml2, Libarchive, Binutils, Rsync, Zlib, the Linux kernel, Oniguruma, and more. Several vulnerabilities relate to out-of-bounds reads, denial of service issues, information disclosure, and use-after-free conditions. The states listed include "Affected" and vulnerabilities are from 2016 to 2019.

Uploaded by

Hand some

a

October 18, 2022, 12:04 pm


Generated: October 18, 2022, 12:04 pm


Report date: Items period before October 18, 2022, 12:04 pm
Description: a

pandorafms.com 2
| Agent | Module | Date | CVE | Description | Score | Link | Packages | State | Fixed |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2016-2124 | A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2016-2124 | libsmbclient,libwbclient,samba-client-libs,samba-common,samba-common-libs | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2016-3709 | Possible cross-site scripting vulnerability in libxml after commit 960f0e2. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2016-3709 | libxml2 | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2017-14166 | libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-14166 | libarchive | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2017-14501 | An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-14501 | libarchive | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2018-18700 | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2018-18700 | binutils | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2018-25032 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2018-25032 | rsync,zlib,zlib-devel | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2019-11135 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-11135 | microcode_ctl | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2019-11139 | Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. | 6 | https://nvd.nist.gov/vuln/detail/CVE-2019-11139 | microcode_ctl | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2019-15213 | An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2019-15213 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2019-15219 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2019-15219 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2019-19246 | Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-19246 | oniguruma | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2019-19530 | In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2019-19530 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2019-20095 | mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-20095 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-0404 | In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111893654 References: Upstream kernel | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-0404 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-0404 | In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111893654 References: Upstream kernel | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-0404 | kernel | Affected | no |


| Agent | Module | Date | CVE | Description | Score | Link | Packages | State | Fixed |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-13974 | An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-13974 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-14390 | A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. | 5.6 | https://nvd.nist.gov/vuln/detail/CVE-2020-14390 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-14416 | In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. | 4.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-14416 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-19131 | Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop". | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-19131 | libtiff | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-25645 | A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-25645 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-25717 | A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-25717 | libsmbclient,libwbclient,samba-client-libs,samba-common,samba-common-libs | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-27170 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-27170 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-27171 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d. | 6 | https://nvd.nist.gov/vuln/detail/CVE-2020-27171 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-27820 | A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-27820 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-28097 | The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2020-28097 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-28915 | A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. | 5.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-28915 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-29374 | An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58. | 3.6 | https://nvd.nist.gov/vuln/detail/CVE-2020-29374 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-35492 | A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-35492 | cairo | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-35501 | A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem | 3.4 | https://nvd.nist.gov/vuln/detail/CVE-2020-35501 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-35525 | In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-35525 | sqlite | Affected | no |


| Agent | Module | Date | CVE | Description | Score | Link | Packages | State | Fixed |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-35527 | In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-35527 | sqlite | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-36311 | An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-36311 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-36516 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2020-36516 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-36557 | A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. | 5.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-36557 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-36558 | A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. | 5.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-36558 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-3702 | u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-3702 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2020-4788 | IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-4788 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-0127 | Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-0127 | microcode_ctl | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-0145 | Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-0145 | microcode_ctl | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-0146 | Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-0146 | microcode_ctl | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-0920 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196926917 References: Upstream kernel | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-0920 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-0941 | In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-154177719 References: Upstream kernel | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-0941 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-20316 | A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-20316 | libsmbclient,libwbclient,samba-client-libs,samba-common,samba-common-libs | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-20317 | A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-20317 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-20321 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-20321 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |


| Agent | Module | Date | CVE | Description | Score | Link | Packages | State | Fixed |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-20322 | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-20322 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-21781 | An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2021-21781 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-23177 | An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-23177 | libarchive | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-23192 | A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-23192 | libsmbclient,libwbclient,samba-client-libs,samba-common,samba-common-libs | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-26341 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-26341 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-26401 | LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | 5.6 | https://nvd.nist.gov/vuln/detail/CVE-2021-26401 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-28972 | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-28972 | kernel | Fix deferred | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-29154 | BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-29154 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-29657 | arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-29657 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-30002 | An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2021-30002 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-31566 | An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-31566 | libarchive | | |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2021-3178 | ** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-3178 | kernel | Affected | no |


Agent Module Date CVE Description Score Link Packages State Fixed

Improper access control for some


3rd Generation Intel(R) Xeon(R)
Scalable Processors before BIOS
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-33117 version MR7, may allow a local 5.5 microcode_ctl Affected no
il/CVE-2021-33117
attacker to potentially enable
information disclosure via local
access.
Out of bounds read under complex
microarchitectural condition in
memory subsystem for some Intel
Atom(R) Processors may allow https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-33120 5.4 microcode_ctl Affected no
authenticated user to potentially il/CVE-2021-33120
enable information disclosure or
cause denial of service via network
access.
In kernel/bpf/verifier.c in the Linux
kernel before 5.12.13, a branch can
be mispredicted (e.g., because of
type confusion) and consequently an https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-33624 4.7 kernel Affected no
unprivileged BPF program can read il/CVE-2021-33624
arbitrary memory locations via a
side-channel attack, aka
CID-9183671af6db.
When sending malicous data to
kernel by ioctl cmd https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-33655 6.7 kernel Affected no
FBIOPUT_VSCREENINFO,kernel il/CVE-2021-33655
will write memory out of bounds.
When setting font with malicous
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-33656 data by ioctl cmd PIO_FONT,kernel 7.8 kernel Affected no
il/CVE-2021-33656
will write memory out of bounds.
A flaw was found in the Linux
kernel. A denial of service problem
is identified if an extent tree is
corrupted in a crafted ext4
filesystem in fs/ext4/extents.c in
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3428 ext4_es_cache_extent. Fabricating 5.5 kernel Affected no
il/CVE-2021-3428
an integer overflow, A local attacker
with a special user privilege may
cause a system crash problem
which can lead to an availability
threat.
The bpf verifier in the Linux kernel
did not properly handle mod32
destination register truncation
when the source register was
known to be 0. A local attacker with
the ability to load bpf programs
could use this gain out-of-bounds
reads in kernel memory leading to
information disclosure (kernel https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3444 7.8 kernel Affected no
memory), and possibly out-of- il/CVE-2021-3444
bounds writes that could potentially
lead to code execution. This issue
was addressed in the upstream
kernel in commit 9b00f1b78809
("bpf: Fix truncation handling for
mod32 dst reg wrt zero") and in
Linux stable kernels 5.11.2, 5.10.19,
and 5.4.101.
In the Linux kernel through 5.13.7,
an unprivileged BPF program can
obtain sensitive information from
kernel memory via a Speculative
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-34556 Store Bypass side-channel attack 5.5 kernel Affected no
il/CVE-2021-34556
because the protection mechanism
neglects the possibility of
uninitialized memory locations on
the BPF stack.
net/can/bcm.c in the Linux kernel
through 5.12.10 allows local users
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-34693 to obtain sensitive information from 5.5 kernel Affected no
il/CVE-2021-34693
kernel stack memory because parts
of a data structure are uninitialized.
net/can/bcm.c in the Linux kernel
through 5.12.10 allows local users
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-34693 to obtain sensitive information from 5.5 kernel Fix deferred no
il/CVE-2021-34693
kernel stack memory because parts
of a data structure are uninitialized.
There is a flaw in RPM's signature
functionality. OpenPGP subkeys are
associated with a primary key via a
"binding signature." RPM does not
check the binding signature of
subkeys prior to importing them. If
an attacker is able to add or socially
engineer another party to add a
malicious subkey to a legitimate python3-rpm,rpm,rpm-build-libs
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3521 public key, RPM could wrongly trust 4.7 ,rpm-libs,rpm-plugin-selinux,r
il/CVE-2021-3521
a malicious signature. The greatest pm-plugin-systemd-inhibit
impact of this flaw is to data
integrity. To exploit this flaw, an
attacker must either compromise an
RPM repository or convince an
administrator to install an untrusted
RPM or public key. It is strongly
recommended to only use RPMs and
public keys from trusted sources.
In the Linux kernel through 5.13.7,
an unprivileged BPF program can
obtain sensitive information from
kernel memory via a Speculative
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-35477 Store Bypass side-channel attack 5.5 kernel Affected no
il/CVE-2021-35477
because a certain preempting store
operation does not necessarily
occur before a store operation that
has an attacker-controlled value.
A race condition vulnerability was
found in rpm. A local unprivileged
user could use this flaw to bypass
the checks that were introduced in
response to CVE-2017-7500 and https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-35937 6.4 rpm Affected no
CVE-2017-7501, potentially gaining il/CVE-2021-35937
root privileges. The highest threat
from this vulnerability is to data
confidentiality and integrity as well
as system availability.
A symbolic link issue was found in
rpm. It occurs when rpm sets the
desired permissions and credentials
after installing a file. A local
unprivileged user could use this
flaw to exchange the original file
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-35938 with a symbolic link to a security- 7.8 rpm Affected no
il/CVE-2021-35938
critical file and escalate their
privileges on the system. The
highest threat from this
vulnerability is to data
confidentiality and integrity as well
as system availability.
It was found that the fix for
CVE-2017-7500 and CVE-2017-7501
was incomplete: the check was only
implemented for the parent
directory of the file to be created. A
local unprivileged user who owns https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-35939 7.8 rpm Affected no
another ancestor directory could il/CVE-2021-35939
potentially use this flaw to gain root
privileges. The highest threat from
this vulnerability is to data
confidentiality and integrity as well
as system availability.
An out-of-bounds memory write flaw
was found in the Linux kernel's
joystick devices subsystem in
versions before 5.9-rc1, in the way
the user calls ioctl JSIOCSBTNMAP.
bpftool,kernel,kernel-core,ker
This flaw allows a local user to https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3612 7.8 nel-modules,kernel-tools,kerne
crash the system or possibly il/CVE-2021-3612
l-tools-libs,python3-perf
escalate their privileges on the
system. The highest threat from this
vulnerability is to confidentiality,
integrity, as well as system
availability.
A flaw has been found in libssh in
versions prior to 0.9.6. The SSH
protocol keeps track of two shared
secrets during the lifetime of the
session. One of them is called
secret_hash and the other
session_id. Initially, both of them
are the same, but after key re-
exchange, previous session_id is
kept and used as an input to new
secret_hash. Historically, both of
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3634 these buffers had shared length 6.5 libssh,libssh-config
il/CVE-2021-3634
variable, which worked as long as
these buffers were same. But the
key re-exchange operation can also
change the key exchange method,
which can be based on hash of
different size, eventually creating
"secret_hash" of different size than
the session_id has. This becomes an
issue when the session_id memory
is zeroed or when it is used again
during second key re-exchange.
A use-after-free flaw in function
sco_sock_sendmsg() of the Linux
kernel HCI subsystem was found in
the way user calls ioctl
UFFDIO_REGISTER or other way
triggers race condition of the call
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3640 sco_conn_del() together with the 7 kernel Affected no
il/CVE-2021-3640
call sco_sock_sendmsg() with the
expected controllable faulting
memory page. A privileged local
user could use this flaw to crash the
system or escalate their privileges
on the system.
A vulnerability was found in the
Linux kernel in versions prior to
v5.14-rc1. Missing size validations https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3655 3.3 kernel Affected no
on inbound SCTP packets may allow il/CVE-2021-3655
the kernel to read uninitialized
memory.
Cockpit (and its plugins) do not
seem to protect itself against
clickjacking. It is possible to render
a page from a cockpit server via https://nvd.nist.gov/vuln/deta cockpit,cockpit-bridge,cockpit
stod Scanned_CVEs 2022-10-18 CVE-2021-3660 4.3
another website, inside an HTML il/CVE-2021-3660 -system,cockpit-ws
entry. This may be used by a
malicious website in clickjacking or
similar attacks.
A flaw was found in the Linux
kernel. Measuring usage of the
bpftool,kernel,kernel-core,ker
shared memory does not scale with https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3669 5.5 nel-modules,kernel-tools,kerne
large shared memory segment il/CVE-2021-3669
l-tools-libs,python3-perf
counts which could lead to resource
exhaustion and DoS.
A flaw was found in c-ares library,
where a missing input validation
check of host names returned by
DNS (Domain Name Servers) can
lead to output of wrong hostnames https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3672 5.6 c-ares
which might potentially lead to il/CVE-2021-3672
Domain Hijacking. The highest
threat from this vulnerability is to
confidentiality and integrity as well
as system availability.
A crafted 16-bit grayscale PNG
image may lead to an out-of-bounds
write in the heap area. An attacker
may take advantage of that to cause
heap data corruption or eventually
arbitrary code execution and
circumvent secure boot protections.
grub2-common,grub2-pc,grub2-pc
This issue has a high complexity to https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3695 4.5 -modules,grub2-tools,grub2-too
be exploited as an attacker needs to il/CVE-2021-3695
ls-extra,grub2-tools-minimal
perform some triage over the heap
layout to achieve significant results,
also the values written into the
memory are repeated three times in
a row, making it difficult to produce
valid payloads. This flaw affects
grub2 versions prior grub-2.12.
A heap out-of-bounds write may
happen during the handling of
Huffman tables in the PNG reader.
This may lead to data corruption in
the heap space. Confidentiality,
Integrity and Availability impact may
grub2-common,grub2-pc,grub2-pc
be considered Low as it's very https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3696 4.5 -modules,grub2-tools,grub2-too
complex for an attacker to control the il/CVE-2021-3696
ls-extra,grub2-tools-minimal
encoding and positioning of
corrupted Huffman entries to
achieve results such as arbitrary
code execution and/or secure boot
circumvention. This flaw affects
grub2 versions prior grub-2.12.
A crafted JPEG image may lead the
JPEG reader to underflow its data
pointer, allowing user-controlled
data to be written in heap. For a
successful attack to be performed, the
attacker needs to perform some
grub2-common,grub2-pc,grub2-pc
triage over the heap layout and https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3697 7 -modules,grub2-tools,grub2-too
craft an image with a malicious il/CVE-2021-3697
ls-extra,grub2-tools-minimal
format and payload. This
vulnerability can lead to data
corruption and eventual code
execution or secure boot
circumvention. This flaw affects
grub2 versions prior grub-2.12.
A flaw was found in Cockpit in
versions prior to 260 in the way it
handles the certificate verification
performed by the System Security
Services Daemon (SSSD). This flaw
allows client certificates to https://nvd.nist.gov/vuln/deta cockpit,cockpit-bridge,cockpit
stod Scanned_CVEs 2022-10-18 CVE-2021-3698 7.5
authenticate successfully, il/CVE-2021-3698 -system,cockpit-ws
regardless of the Certificate
Revocation List (CRL) configuration
or the certificate status. The highest
threat from this vulnerability is to
confidentiality.
A flaw was found in the Linux
kernel's memory deduplication
mechanism. Previous work has
shown that memory deduplication
can be attacked via a local
exploitation mechanism. The same https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3714 7.5 kernel Affected no
technique can be used if an attacker il/CVE-2021-3714
can upload page sized files and
detect the change in access time
from a networked service to
determine if the page has been
merged.
hso_free_net_device in
drivers/net/usb/hso.c in the Linux
kernel through 5.13.4 calls bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-37159 unregister_netdev without checking 6.4 nel-modules,kernel-tools,kerne
il/CVE-2021-37159
for the NETREG_REGISTERED l-tools-libs,python3-perf
state, leading to a use-after-free and
a double free.
A flaw was found in python. An
improperly handled HTTP response
in the HTTP client code of python
may allow a remote attacker, who
controls the HTTP server, to make https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3737 7.5 platform-python,python3-libs
the client script enter an infinite il/CVE-2021-3737
loop, consuming CPU time. The
highest threat from this
vulnerability is to system
availability.
An out-of-bounds (OOB) memory
read flaw was found in the
Qualcomm IPC router protocol in
the Linux kernel. A missing sanity
check allows a local attacker to gain bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3743 access to out-of-bounds memory, 7.1 nel-modules,kernel-tools,kerne
il/CVE-2021-3743
leading to a system crash or a leak l-tools-libs,python3-perf
of internal kernel information. The
highest threat from this
vulnerability is to system
availability.
A memory leak flaw was found in
the Linux kernel in the
ccp_run_aes_gcm_cmd() function in
bpftool,kernel,kernel-core,ker
drivers/crypto/ccp/ccp-ops.c, which https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3744 5.5 nel-modules,kernel-tools,kerne
allows attackers to cause a denial of il/CVE-2021-3744
l-tools-libs,python3-perf
service (memory consumption). This
vulnerability is similar to the
older CVE-2019-18808.
A use-after-free flaw was found in
the Linux kernel’s Bluetooth
subsystem in the way user calls
connect to the socket and
disconnect simultaneously due to a bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3752 race condition. This flaw allows a 7.1 nel-modules,kernel-tools,kerne
il/CVE-2021-3752
user to crash the system or escalate l-tools-libs,python3-perf
their privileges. The highest threat
from this vulnerability is to
confidentiality, integrity, as well as
system availability.
A memory overflow vulnerability
was found in the Linux kernel’s ipc
functionality of the memcg
subsystem, in the way a user calls
the semget function multiple times, bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3759 creating semaphores. This flaw 5.5 nel-modules,kernel-tools,kerne
il/CVE-2021-3759
allows a local user to starve the l-tools-libs,python3-perf
resources, causing a denial of
service. The highest threat from this
vulnerability is to system
availability.
A memory leak flaw was found in
the Linux kernel's
ccp_run_aes_gcm_cmd() function
that allows an attacker to cause a bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3764 denial of service. The vulnerability 5.5 nel-modules,kernel-tools,kerne
il/CVE-2021-3764
is similar to the older l-tools-libs,python3-perf
CVE-2019-18808. The highest
threat from this vulnerability is to
system availability.
A flaw was found in the Linux SCTP
stack. A blind attacker may be able
to kill an existing SCTP association
bpftool,kernel,kernel-core,ker
through invalid chunks if the https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3772 6.5 nel-modules,kernel-tools,kerne
attacker knows the IP-addresses il/CVE-2021-3772
l-tools-libs,python3-perf
and port numbers being used and
the attacker can send packets with
spoofed IP addresses.
A flaw in netfilter could allow a
network-connected attacker to infer bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3773 openvpn connection endpoint 9.8 nel-modules,kernel-tools,kerne
il/CVE-2021-3773
information for further use in l-tools-libs,python3-perf
traditional network attacks.
In kernel/bpf/hashtab.c in the Linux
kernel through 5.13.8, there is an
integer overflow and out-of-bounds
write when many elements are https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-38166 7.8 kernel Affected no
placed in a single bucket. NOTE: il/CVE-2021-38166
exploitation might be impractical
without the CAP_SYS_ADMIN
capability.
GNU cpio through 2.13 allows
attackers to execute arbitrary code
via a crafted pattern file, because of
a dstring.c ds_fgetstr integer
overflow that triggers an out-of- https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-38185 7.8 cpio
bounds heap write. NOTE: it is il/CVE-2021-38185
unclear whether there are common
cases where the pattern file,
associated with the -E option, is
untrusted data.
arch/x86/kvm/mmu/paging_tmpl.h
in the Linux kernel before 5.12.11
incorrectly computes the access https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-38198 5.5 kernel Affected no
permissions of a shadow page, il/CVE-2021-38198
leading to a missing guest
protection page fault.
The mac80211 subsystem in the
Linux kernel before 5.12.13, when a
device supporting only 5 GHz is
used, allows attackers to cause a https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-38206 5.5 kernel Affected no
denial of service (NULL pointer il/CVE-2021-38206
dereference in the radiotap parser)
by injecting a frame with 802.11a
rates.
Go before 1.16.9 and 1.17.x before
1.17.2 has a Buffer Overflow via
large arguments in a function https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-38297 9.8 git-lfs Affected no
invocation from a WASM module, il/CVE-2021-38297
when GOARCH=wasm GOOS=js is
used.
vim is vulnerable to Heap-based https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3872 7.8 vim-minimal
Buffer Overflow il/CVE-2021-3872
vim is vulnerable to Heap-based https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3872 7.8 kernel Affected no
Buffer Overflow il/CVE-2021-3872
A flaw in grub2 was found where its
configuration file, known as
grub.cfg, is being created with the
wrong permission set allowing non
privileged users to read its content.
This represents a low severity grub2-common,grub2-pc,grub2-pc
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3981 confidentiality issue, as those users 3.3 -modules,grub2-tools,grub2-too
il/CVE-2021-3981
can eventually read any encrypted ls-extra,grub2-tools-minimal
passwords present in grub.cfg. This
flaw affects grub2 2.06 and previous
versions. This issue has been fixed
in grub upstream but no version
with the fix is currently released.
vim is vulnerable to Heap-based https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-3984 7.8 vim-minimal
Buffer Overflow il/CVE-2021-3984
A race condition was found in the
Linux kernel's ebpf verifier between
bpf_map_update_elem and
bpf_map_freeze due to a missing
lock in kernel/bpf/syscall.c. In this
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4001 flaw, a local user with a special 4.1 kernel Affected no
il/CVE-2021-4001
privilege (cap_sys_admin or
cap_bpf) can modify the frozen
mapped address space. This flaw
affects kernel versions prior to 5.16
rc2.
A memory leak flaw in the Linux
kernel's hugetlbfs memory usage
was found in the way the user maps
some regions of memory twice using bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4002 shmget() which are aligned to PUD 4.4 nel-modules,kernel-tools,kerne
il/CVE-2021-4002
alignment with the fault of some of l-tools-libs,python3-perf
the memory pages. A local user
could use this flaw to get
unauthorized access to some data.
squashfs_opendir in unsquash-1.c in
Squashfs-Tools 4.5 stores the
filename in the directory entry;
this is then used by unsquashfs to
create the new file during the
unsquash. The filename is not
validated for traversal outside of
the destination directory, and
thus allows writing to locations
outside of the destination.
stod Scanned_CVEs 2022-10-18 CVE-2021-40153 8.1 https://nvd.nist.gov/vuln/detail/CVE-2021-40153 squashfs-tools Affected no
vim is vulnerable to Heap-based https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4019 7.8 vim-minimal
Buffer Overflow il/CVE-2021-4019
A flaw in the Linux kernel's
implementation of RDMA
communications manager listener
code allowed an attacker with local
access to set up a socket to listen on
bpftool,kernel,kernel-core,ker
a high port allowing for a list https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4028 7.8 nel-modules,kernel-tools,kerne
element to be used after free. Given il/CVE-2021-4028
l-tools-libs,python3-perf
the ability to execute code, a local
attacker could leverage this use-
after-free to crash the system or
possibly escalate privileges on the
system.
A local privilege escalation
vulnerability was found on polkit's
pkexec utility. The pkexec
application is a setuid tool designed
to allow unprivileged users to run
commands as privileged users
according to predefined policies. The
current version of pkexec doesn't
handle the calling parameters count
correctly and ends up trying to execute https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4034 7.8 polkit,polkit-libs
environment variables as il/CVE-2021-4034
commands. An attacker can
leverage this by crafting
environment variables in such a way
it'll induce pkexec to execute
arbitrary code. When successfully
executed the attack can cause a
local privilege escalation giving
unprivileged users administrative
rights on the target machine.
A vulnerability was found in the
fs/inode.c:inode_init_owner()
function logic of the Linux kernel
that allows local users to create files
for the XFS file-system with an
unintended group ownership and
with group execution and SGID
permission bits set, in a scenario bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4037 where a directory is SGID and 7.8 nel-modules,kernel-tools,kerne
il/CVE-2021-4037
belongs to a certain group and is l-tools-libs,python3-perf
writable by a user who is not a
member of this group. This can lead
to excessive permissions granted in
case when they should not. This
vulnerability is similar to the
previous CVE-2018-13405 and adds
the missed fix for the XFS.
The ElGamal implementation in
Libgcrypt before 1.9.4 allows
plaintext recovery because, during
interaction between two
cryptographic libraries, a certain
dangerous combination of the prime https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-40528 5.9 libgcrypt
defined by the receiver's public key, il/CVE-2021-40528
the generator defined by the
receiver's public key, and the
sender's ephemeral exponents can
lead to a cross-configuration attack
against OpenPGP.
A read-after-free memory flaw was
found in the Linux kernel's garbage
collection for Unix domain socket
file handlers in the way users call
close() and fget() simultaneously bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4083 and can potentially trigger a race 7 nel-modules,kernel-tools,kerne
il/CVE-2021-4083
condition. This flaw allows a local l-tools-libs,python3-perf
user to crash the system or escalate
their privileges on the system. This
flaw affects Linux kernel versions
prior to 5.16-rc4.
A flaw was found in the KVM's AMD
code for supporting the Secure
Encrypted Virtualization-Encrypted
State (SEV-ES). A KVM guest using
SEV-ES can trigger out-of-bounds
reads and writes in the host kernel
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4093 via a malicious VMGEXIT for a 8.8 kernel Affected no
il/CVE-2021-4093
string I/O instruction (for example,
outs or ins) using the exit reason
SVM_EXIT_IOIO. This issue results
in a crash of the entire system or a
potential guest-to-host escape
scenario.
There is a flaw in polkit which can
allow an unprivileged user to cause
polkit to crash, due to process file
descriptor exhaustion. The highest
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4115 threat from this vulnerability is to 5.5 polkit,polkit-libs
il/CVE-2021-4115
availability. NOTE: Polkit process
outage duration is tied to the failing
process being reaped and a new one
being spawned
It was found that a specially crafted
LUKS header could trick cryptsetup
into disabling encryption during the
recovery of the device. An attacker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4122 with physical access to the medium, 4.3 cryptsetup,cryptsetup-libs
il/CVE-2021-4122
such as a flash disk, could use this
flaw to force a user into
permanently disabling the
encryption layer of that medium.
A memory leak vulnerability was
found in the Linux kernel's eBPF for
the Simulated networking device
driver in the way user uses BPF for
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4135 the device such that function 5.5 kernel Affected no
il/CVE-2021-4135
nsim_map_alloc_elem being called.
A local user could use this flaw to
get unauthorized access to some
data.
A use-after-free flaw was found in
cgroup1_parse_param in
kernel/cgroup/cgroup-v1.c in the
Linux kernel's cgroup v1 parser. A
bpftool,kernel,kernel-core,ker
local attacker with a user privilege https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4154 8.8 nel-modules,kernel-tools,kerne
could cause a privilege escalation il/CVE-2021-4154
l-tools-libs,python3-perf
by exploiting the fsconfig syscall
parameter leading to a container
breakout and a denial of service on
the system.
A data leak flaw was found in the
way XFS_IOC_ALLOCSP IOCTL in
the XFS filesystem allowed for size bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4155 increase of files with unaligned size. 5.5 nel-modules,kernel-tools,kerne
il/CVE-2021-4155
A local attacker could use this flaw l-tools-libs,python3-perf
to leak data on the XFS filesystem
otherwise not accessible to them.
An out of memory bounds write flaw
(1 or 2 bytes of memory) in the
Linux kernel NFS subsystem was
found in the way users use bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4157 mirroring (replication of files with 8 nel-modules,kernel-tools,kerne
il/CVE-2021-4157
NFS). A user, having access to the l-tools-libs,python3-perf
NFS mount, could potentially use
this flaw to crash the system or
escalate privileges on the system.
A vulnerability was found in the
Linux kernel's eBPF verifier when
handling internal data structures.
Internal memory locations could be
returned to userspace. A local
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4159 attacker with the permissions to 4.4 kernel Affected no
il/CVE-2021-4159
insert eBPF code to the kernel can
use this to leak internal kernel
memory details defeating some of
the exploit mitigations in place for
the kernel.
sshd in OpenSSH 6.2 through 8.x
before 8.8, when certain non-default
configurations are used, allows
privilege escalation because
supplemental groups are not
initialized as expected. Helper
programs for https://nvd.nist.gov/vuln/deta openssh,openssh-clients,openss
stod Scanned_CVEs 2022-10-18 CVE-2021-41617 7
AuthorizedKeysCommand and il/CVE-2021-41617 h-server
AuthorizedPrincipalsCommand may
run with privileges associated with
group memberships of the sshd
process, if the configuration
specifies running the command as a
different user.
prealloc_elems_and_freelist in
kernel/bpf/stackmap.c in the Linux
kernel before 5.14.12 allows bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-41864 unprivileged users to trigger an 7.8 nel-modules,kernel-tools,kerne
il/CVE-2021-41864
eBPF multiplication integer l-tools-libs,python3-perf
overflow with a resultant out-of-
bounds write.
A flaw was found in Python,
specifically in the FTP (File Transfer
Protocol) client library in PASV
(passive) mode. The issue is how the
FTP client trusts the host from the
PASV response by default. This flaw
allows an attacker to set up a https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4189 5.3 platform-python,python3-libs
malicious FTP server that can trick il/CVE-2021-4189
FTP clients into connecting back to
a given IP address and port. This
vulnerability could lead to FTP
client scanning ports, which
otherwise would not have been
possible.
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4192 vim is vulnerable to Use After Free 7.8 vim-minimal
il/CVE-2021-4192
vim is vulnerable to Out-of-bounds https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4193 5.5 vim-minimal
Read il/CVE-2021-4193
An unprivileged write to the file
handler flaw in the Linux kernel's
control groups and namespaces
subsystem was found in the way
users have access to some less
privileged processes that are bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4197 controlled by cgroups and have 7.8 nel-modules,kernel-tools,kerne
il/CVE-2021-4197
higher privileged parent process. It l-tools-libs,python3-perf
is actually both for cgroup2 and
cgroup1 versions of control groups.
A local user could use this flaw to
crash the system or escalate their
privileges on the system.
A use-after-free read flaw was found
in sock_getsockopt() in
net/core/sock.c due to
SO_PEERCRED and bpftool,kernel,kernel-core,ker
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4203 SO_PEERGROUPS race with listen() 6.8 nel-modules,kernel-tools,kerne
il/CVE-2021-4203
(and connect()) in the Linux kernel. l-tools-libs,python3-perf
In this flaw, an attacker with user
privileges may crash the system or
leak internal kernel information.
A vulnerability was found in Angular
up to 11.0.4/11.1.0-next.2. It has
been classified as problematic.
Affected is the handling of
comments. The manipulation leads
to cross site scripting. It is possible
to launch the attack remotely but it https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-4231 5.4 mozjs60 Affected no
might require an authentication il/CVE-2021-4231
first. Upgrading to version 11.0.5
and 11.1.0-next.3 is able to address
this issue. The name of the patch is
ba8da742e3b243e8f43d4c63aa842b
44e14f2b09. It is recommended to
upgrade the affected component.
** DISPUTED ** An issue was
discovered in the Bidirectional
Algorithm in the Unicode
Specification through 14.0. It
permits the visual reordering of
characters via control sequences,
which can be used to craft source
code that renders different logic
than the logical ordering of tokens
ingested by compilers and
interpreters. Adversaries can
leverage this to encode source code
for compilers accepting Unicode
such that targeted vulnerabilities
are introduced invisibly to human
reviewers. NOTE: the Unicode
Consortium offers the following
alternative approach to presenting
this concern. An issue is noted in
the nature of international text that
can affect applications that
implement support for The Unicode
Standard and the Unicode
Bidirectional Algorithm (all
versions). Due to text display
behavior when text includes left-to-
right and right-to-left characters,
the visual order of tokens may be
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2021-42574 different from their logical order. 8.3 binutils,libstdc++
il/CVE-2021-42574
Additionally, control characters
needed to fully support the
requirements of bidirectional text
can further obfuscate the logical
order of tokens. Unless mitigated,
an adversary could craft source
code such that the ordering of
tokens perceived by human
reviewers does not match what will
be processed by a
compiler/interpreter/etc. The
Unicode Consortium has
documented this class of
vulnerability in its document,
Unicode Technical Report #36,
Unicode Security Considerations.
The Unicode Consortium also
provides guidance on mitigations
for this class of issues in Unicode
Technical Standard #39, Unicode
Security Mechanisms, and in
Unicode Standard Annex #31,
Unicode Identifier and Pattern
Syntax. Also, the BIDI specification
allows applications to tailor the
implementation in ways that can
mitigate misleading visual
reordering in program text; see
HL4 in Unicode Standard Annex #9,
Unicode Bidirectional Algorithm.
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-42739 | A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-42739 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-43056 | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-43056 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-43267 | An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-43267 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-43389 | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-43389 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-43975 | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-43975 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-43976 | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2021-43976 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-44141 | All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2021-44141 | libsmbclient,libwbclient,samba-client-libs,samba-common,samba-common-libs


stod | Scanned_CVEs | 2022-10-18 | CVE-2021-44142 | The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-44142 | libsmbclient,libwbclient,samba-client-libs,samba-common,samba-common-libs
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-44568 | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-44568 | libsolv | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-44733 | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2021-44733 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-45485 | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-45485 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-45486 | In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-45486 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-45960 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-45960 | expat
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-46143 | In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-46143 | expat
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-46778 | Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information. | 5.6 | https://nvd.nist.gov/vuln/detail/CVE-2021-46778 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2021-46828 | In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-46828 | libtirpc | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0001 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0001 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0002 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0002 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0005 | Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. | 2.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-0005 | microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0168 | A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-0168 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0171 | A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0171 | kernel | Affected | no


stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0185 | A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-0185 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0261 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0261 | vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0286 | A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0286 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0318 | Heap-based Buffer Overflow in vim/vim prior to 8.2. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0318 | vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0322 | A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS). | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0322 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0330 | A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0330 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0359 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0359 | vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0361 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0361 | vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0392 | Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0392 | vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0413 | Use After Free in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0413 | vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0435 | A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0435 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0492 | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0492 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0494 | A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-0494 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0516 | A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0516 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0561 | Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0561 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0562 | Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0562 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0617 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0617 | kernel | Affected | no


stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0778 | The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0778 | compat-openssl10
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0847 | A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0847 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0854 | A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0854 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0865 | Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0865 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0865 | Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0865 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0891 | A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-0891 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0908 | Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0908 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0909 | Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0909 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-0924 | Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0924 | libtiff | Affected | no


stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1011 | A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1011 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1012 | A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1012 | bpftool,kernel,kernel-core,kernel-headers,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1016 | A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1016 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1048 | A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2022-1048 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1055 | A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1055 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1122 | A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1122 | openjpeg2 | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1154 | Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1154 | vim-common,vim-enhanced,vim-filesystem,vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1158 | A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1158 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1184 | A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1184 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1263 | A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1263 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1271 | An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1271 | gzip,xz,xz-libs
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1280 | A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1280 | kernel | Affected | no


stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1292 | The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd). | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1292 | openssl,openssl-devel,openssl-libs
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1304 | An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1304 | e2fsprogs | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1353 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1353 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1355 | A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1355 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1462 | An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1462 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1586 | An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1586 | pcre2,pcre2-devel,pcre2-utf16,pcre2-utf32
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1621 | Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1621 | vim-common,vim-enhanced,vim-filesystem,vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1629 | Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1629 | vim-common,vim-enhanced,vim-filesystem,vim-minimal
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1665 | A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-1665 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1678 | An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1678 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1679 | A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1679 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1705 | Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1705 | git-lfs | Affected | no
A race condition was found the
Linux kernel in perf_event_open()
which can be exploited by an
bpftool,kernel,kernel-core,ker
unprivileged user to gain root https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-1729 7 nel-modules,kernel-tools,kerne
privileges. The bug allows to build il/CVE-2022-1729
l-tools-libs,python3-perf
several exploit primitives such as
kernel address information leak,
arbitrary execution, etc.

stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1785 | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1785 | vim-common,vim-enhanced,vim-filesystem,vim-minimal | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1789 | With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1789 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1852 | A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1852 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1897 | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1897 | vim-common,vim-enhanced,vim-filesystem,vim-minimal | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1927 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1927 | vim-common,vim-enhanced,vim-filesystem,vim-minimal | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-1927 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1927 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-20141 | In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel | 7 | https://nvd.nist.gov/vuln/detail/CVE-2022-20141 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-20166 | In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-20166 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2056 | Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2056 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2057 | Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2057 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2058 | Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2058 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2068 | In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2068 | openssl,openssl-devel,openssl-libs | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2078 | A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2078 | kernel | Affected | no

stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2097 | AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-2097 | openssl,openssl-devel,openssl-libs | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21123 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21123 | kernel,microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21125 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21125 | kernel,microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21127 | Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21127 | microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21131 | Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21131 | microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21136 | Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21136 | microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21151 | Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21151 | microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21166 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21166 | kernel,microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21233 | Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21233 | kernel,microcode_ctl | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21426 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-21426 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless | |

stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21434 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-21434 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21443 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-21443 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21476 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21476 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless | |

stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21496 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-21496 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21499 | KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21499 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2153 | A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2153 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21540 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-21540 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-21541 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N). | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-21541 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless | |

stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22576 | An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-22576 | curl,libcurl | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22822 | addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22822 | expat | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22823 | build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22823 | expat | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22824 | defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22824 | expat | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22825 | lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22825 | expat | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22826 | nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22826 | expat | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22827 | storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22827 | expat | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22844 | LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-22844 | libtiff | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-22844 | LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-22844 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-23308 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-23308 | libxml2,python3-libxml2 | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-23308 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-23308 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-23825 | Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-23825 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-23852 | Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23852 | expat | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-23960 | Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. | 5.6 | https://nvd.nist.gov/vuln/detail/CVE-2022-23960 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-24407 | In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-24407 | cyrus-sasl-gssapi,cyrus-sasl-lib,cyrus-sasl-plain | |
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-24448 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-24448 | kernel | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-24448 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-24448 | net-snmp | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-24448 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-24448 | net-snmp | Affected | no
stod | Scanned_CVEs | 2022-10-18 | CVE-2022-24448 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-24448 | net-snmp | Affected | no

An issue was discovered in


fs/nfs/dir.c in the Linux kernel
before 5.16.5. If an application sets
the O_DIRECTORY flag, and tries to
open a regular file,
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-24448 nfs_atomic_open() performs a 3.3 net-snmp Affected no
il/CVE-2022-24448
regular lookup. If a regular file is
found, ENOTDIR should occur, but
the server instead returns
uninitialized data in the file
descriptor.
An issue was discovered in
fs/nfs/dir.c in the Linux kernel
before 5.16.5. If an application sets
the O_DIRECTORY flag, and tries to
open a regular file,
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-24448 nfs_atomic_open() performs a 3.3 net-snmp Affected no
il/CVE-2022-24448
regular lookup. If a regular file is
found, ENOTDIR should occur, but
the server instead returns
uninitialized data in the file
descriptor.
An issue was discovered in
fs/nfs/dir.c in the Linux kernel
before 5.16.5. If an application sets
the O_DIRECTORY flag, and tries to
open a regular file,
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-24448 nfs_atomic_open() performs a 3.3 net-snmp Affected no
il/CVE-2022-24448
regular lookup. If a regular file is
found, ENOTDIR should occur, but
the server instead returns
uninitialized data in the file
descriptor.
A vulnerability found in gnutls. This
security flaw happens because of a
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-2509 double free error occurs during 7.5 gnutls Affected no
il/CVE-2022-2509
verification of pkcs7 signatures in
gnutls_pkcs7_verify function.
xmltok_impl.c in Expat (aka
libexpat) before 2.4.5 lacks certain
validation of encoding, such as https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25235 9.8 expat
checks for whether a UTF-8 il/CVE-2022-25235
character is valid in a certain
context.
xmlparse.c in Expat (aka libexpat)
before 2.4.5 allows attackers to https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25236 9.8 expat
insert namespace-separator il/CVE-2022-25236
characters into namespace URIs.
xmlparse.c in Expat (aka libexpat)
before 2.4.5 allows attackers to https://nvd.nist.gov/vuln/deta systemd,systemd-libs,systemd-p
stod Scanned_CVEs 2022-10-18 CVE-2022-25236 9.8
insert namespace-separator il/CVE-2022-25236 am,systemd-udev
characters into namespace URIs.
In the Linux kernel through 5.16.10,
certain binary files may have the
exec-all attribute if they were built
in approximately 2003 (e.g., with https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25265 7.8 kernel Affected no
GCC 3.2.2 and Linux kernel 2.4.20). il/CVE-2022-25265
This can cause execution of bytes
located in supposedly non-
executable regions of a file.
A stack-based buffer overflow flaw
was found in the Fribidi package.
This flaw allows an attacker to pass
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25308 a specially crafted file to the Fribidi 0 fribidi Affected no
il/CVE-2022-25308
application, which leads to a
possible memory leak or a denial of
service.
A heap-based buffer overflow flaw
was found in the Fribidi package
and affects the
fribidi_cap_rtl_to_unicode() function
of the fribidi-char-sets-cap-rtl.c file. https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25309 0 fribidi Affected no
This flaw allows an attacker to pass il/CVE-2022-25309
a specially crafted file to the Fribidi
application with the '--caprtl' option,
leading to a crash and causing a
denial of service.
A segmentation fault (SEGV) flaw
was found in the Fribidi package
and affects the
fribidi_remove_bidi_marks()
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25310 function of the lib/fribidi.c file. This 0 fribidi Affected no
il/CVE-2022-25310
flaw allows an attacker to pass a
specially crafted file to Fribidi,
leading to a crash and causing a
denial of service.
In Expat (aka libexpat) before 2.4.5,
an attacker can trigger stack
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25313 exhaustion in build_model via a 6.5 expat
il/CVE-2022-25313
large nesting depth in the DTD
element.
In Expat (aka libexpat) before 2.4.5,
https://nvd.nist.gov/vuln/deta
stod Scanned_CVEs 2022-10-18 CVE-2022-25314 there is an integer overflow in 7.5 expat
il/CVE-2022-25314
copyString.
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-25315 | In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25315 | expat |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-25636 | net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25636 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-25636 | net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25636 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-25636 | net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25636 | kernel | Affected | no |

| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-26373 | Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-26373 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2639 | An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2639 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-26691 | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-26691 | cups-libs |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27404 | FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-27404 | freetype | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27405 | FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-27405 | freetype | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27406 | FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-27406 | freetype | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27666 | A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-27666 | bpftool,kernel,kernel-core,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27774 | An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | 5.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-27774 | curl,libcurl |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27776 | A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-27776 | curl,libcurl |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27782 | libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several TLS and SSH settings were left out from the configuration match checks, making them match too easily. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-27782 | curl,libcurl |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27943 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-27943 | gcc | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-27950 | In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-27950 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-28390 | ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28390 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2867 | libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2867 | libtiff | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2868 | libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-2868 | libtiff | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2869 | libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2869 | libtiff | Affected | no |

| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2869 | libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2869 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2873 | An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2873 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2873 | An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2873 | grub2-common,grub2-pc,grub2-pc-modules,grub2-tools,grub2-tools-extra,grub2-tools-minimal |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2873 | An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2873 | grub2-common,grub2-pc,grub2-pc-modules,grub2-tools,grub2-tools-extra,grub2-tools-minimal |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2873 | An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2873 | grub2-common,grub2-pc,grub2-pc-modules,grub2-tools,grub2-tools-extra,grub2-tools-minimal |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2873 | An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2873 | grub2-common,grub2-pc,grub2-pc-modules,grub2-tools,grub2-tools-extra,grub2-tools-minimal |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2873 | An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2873 | grub2-common,grub2-pc,grub2-pc-modules,grub2-tools,grub2-tools-extra,grub2-tools-minimal |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-28893 | The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28893 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29154 | An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file). | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-29154 | rsync |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29167 | Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse `Host` HTTP header (`Hawk.utils.parseHost()`), which was subject to regular expression DoS attack - meaning each added character in the attacker's input increases the computation time exponentially. `parseHost()` was patched in `9.0.1` to use built-in `URL` class to parse hostname instead. `Hawk.authenticate()` accepts `options` argument. If that contains `host` and `port`, those would be used instead of a call to `utils.parseHost()`. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29167 | mozjs60 | Affected | no |

| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29187 | Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29187 | git | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2938 | A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2938 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29581 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29581 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29581 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29581 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-2978 | A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2978 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29824 | In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29824 | libxml2,python3-libxml2 |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29900 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29900 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-29901 | Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29901 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-3028 | A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2022-3028 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-30594 | The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30594 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-30630 | Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30630 | git-lfs | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-30632 | Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30632 | git-lfs | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-30635 | Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30635 | git-lfs | Affected | no |

| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-32148 | Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-32148 | git-lfs | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-32189 | A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-32189 | git-lfs | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-32206 | curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-32206 | curl,libcurl |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-32208 | When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-32208 | curl,libcurl |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-32250 | net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-32250 | bpftool,kernel,kernel-core,kernel-headers,kernel-modules,kernel-tools,kernel-tools-libs,python3-perf |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-32746 | A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-32746 | libldb | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-33987 | The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-33987 | mozjs60 | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-34169 | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-34169 | java-1.8.0-openjdk,java-1.8.0-openjdk-headless |  |  |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-34903 | GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-34903 | gnupg2 | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-34903 | GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-34903 | curl | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-36879 | An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-36879 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-36946 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-36946 | kernel | Affected | no |
| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-37434 | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-37434 | rsync,zlib | Affected | no |

| stod | Scanned_CVEs | 2022-10-18 | CVE-2022-39189 | An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. | 0 | https://nvd.nist.gov/vuln/detail/CVE-2022-39189 | kernel | Affected | no |
