• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

extra_packages_for_enterprise_linux

CVE-2022-4170

February 23, 2023 by godfreyd94

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user’s terminal and certain options are set.

CVE-2022-40316

February 23, 2023 by godfreyd94

The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.

CVE-2022-40313

February 23, 2023 by godfreyd94

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.

CVE-2022-28327

February 23, 2023 by godfreyd94

The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.

CVE-2022-27191

February 23, 2023 by godfreyd94

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.

CVE-2022-25648

February 23, 2023 by godfreyd94

The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = ‘origin’, opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE