| 2022-10-08 | CVE-2022-3435 | A vulnerability classified as problematic has been found in Linux Kernel. | 4.3 |
| 2022-09-30 | CVE-2022-41849 | Use After Free vulnerability in multiple products
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. | 4.2 |
| 2022-09-30 | CVE-2022-41850 | Use After Free vulnerability in multiple products
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. | 4.7 |
| 2022-09-28 | CVE-2022-31628 | Infinite Loop vulnerability in multiple products
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop. | 5.5 |
| 2022-09-28 | CVE-2022-31629 | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications. | 6.5 |
| 2022-09-27 | CVE-2022-3303 | A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. | 4.7 |
| 2022-09-26 | CVE-2022-3201 | Improper Input Validation vulnerability in multiple products
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. | 5.4 |
| 2022-09-22 | CVE-2022-38398 | Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. | 5.3 |
| 2022-09-22 | CVE-2022-38648 | Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. | 5.3 |
| 2022-09-21 | CVE-2022-2795 | By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. | 5.3 |