Security News

Security news from: cvedetails.com

  • – 25. november 2022CVE-2022-45887
    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call. (CVSS:0.0) (Last Update:2022-11- …
  • – 25. november 2022CVE-2022-45475
    Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes up …
  • – 25. november 2022CVE-2022-45884
    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops. (CVSS:0.0) (Last Update:202 …
  • – 25. november 2022CVE-2022-45885
    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected. (CVSS:0.0) (Last Up …
  • – 25. november 2022CVE-2022-45886
    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free. (CVSS:0.0) (Last Upd …
  • – 25. november 2022CVE-2022-45476
    Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes up …
  • – 25. november 2022CVE-2022-45888
    An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device. (CVSS:0.0) (Last Update:202 …
  • – 23. november 2022CVE-2022-45866
    qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file. (CVSS:0.0) (Last Update:2022-11-23)
  • – 23. november 2022CVE-2022-45868
    The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web …
  • – 23. november 2022CVE-2022-45872
    iTerm2 before 3.4.18 mishandles a DECRQSS response. (CVSS:0.0) (Last Update:2022-11-24)