CVE list 2022/36xxx

CVEs in group: 36xxx

CVE-2022-36020 (N/A)

CVE-2022-36021 (Bypass of Cross-Site Scripting Protection in typo3/html-sanitizer)

CVE-2022-36022 (Redis string pattern matching can be abused to achieve Denial of Service)

CVE-2022-36023 (Some Deeplearning4J packages use unclaimed s3 bucket in tests and examples)

CVE-2022-36024 (Remote denial of service in Hyperledger Fabric Gateway)

CVE-2022-36025 (Bots using py-cord as discord api wrapper are vulnerable to shutdowns through remote code execution)

CVE-2022-36026 (Incorrect Conversion between Numeric Types in Besu Ethereum Client)

CVE-2022-36027 (`CHECK` fail in `QuantizeAndDequantizeV3` in TensorFlow)

CVE-2022-36028 (Segfault TFLite converter on per-channel quantized transposed convolutions in TensorFlow)

CVE-2022-36029 (BigBlueButton Greenlight Open Redirect vulnerability)

CVE-2022-36030 (BigBlueButton Greenlight Open Redirect vulnerability)

CVE-2022-36031 (SQL Injection in Project-nexus)

CVE-2022-36032 (Unhandled exception on illegal filename_disk value)

CVE-2022-36033 (ReactPHP’s HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent)

CVE-2022-36034 (jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled)

CVE-2022-36035 (Possible Regular Expression Denial of Service (ReDoS) used on uncontrolled data in nitrado.js)

CVE-2022-36036 (Flux CLI Workload Injection)

CVE-2022-36037 (Improper Control of Generation of Code (‘Code Injection’) in mdx-mermaid)

CVE-2022-36038 (Cross-site scripting (XSS) from dynamic options in the multiselect field in Kirby)

CVE-2022-36039 (CircuitVerse potential RCE vulnerability via Oj.load)

CVE-2022-36040 (Out-of-bounds write when parsing DEX files in Rizin)

CVE-2022-36041 (Rizin Out-of-bounds Write vulnerability in pyc/marshal.c)

CVE-2022-36042 (Rizin Out-of-bounds Write vulnerability in Mach-O binary plugin)

CVE-2022-36043 (Rizin Out-of-bounds Write vulnerability in dyld cache binary plugin)

CVE-2022-36044 (Rizin Double Free in bobj.c when using qnx binary plugin)

CVE-2022-36045 (Rizin Out-of-bounds Write vulnerability in Lua binary plugin)

CVE-2022-36046 (Account takeover via cryptographically weak PRNG in NodeBB Forum)

CVE-2022-36048 (Unexpected server crash in Next.js version 12.2.3)

CVE-2022-36049 (IP address leak via image proxy bypass in Zulip Server)

CVE-2022-36051 (Flux2 Helm Controller denial of service)

CVE-2022-36052 (Broken Authorization in ZITADEL Actions)

CVE-2022-36053 (Out-of-bounds read when decompressing UDP header)

CVE-2022-36054 (Out-of-bounds read in the uIP buffer module)

CVE-2022-36055 (Out-of-bounds write when decompressing 6LoWPAN payload in Contiki-NG)

CVE-2022-36056 (Denial of service in Helm)

CVE-2022-36057 (Vulnerabilities with blob verification in sigstore cosign)

CVE-2022-36058 (Discourse-Chat Cross-Site Scripting issue for channel names and descriptions)

CVE-2022-36059 (elrond-go MultiESDTNFTTransfer call on a SC address with missing function name)

CVE-2022-36060 (Prototype pollution in matrix-js-sdk)

CVE-2022-36061 (Prototype pollution in matrix-react-sdk)