Security Vulnerabilities - CVEs Published In April 2022
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2022-04-12
Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2022-04-12
Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2022-04-12
Logitech Sync for Windows prior to 2.4.574 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability. Successful exploitation of this vulnerability may escalate privileges to the system user.
CVSS Score: 6.0
EPSS Score: 0.0
Published: 2022-04-12
Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service.
CVSS Score: 7.5
EPSS Score: 0.005
Published: 2022-04-12
Dell PowerScale OneFS, 8.2.x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability.
CVSS Score: 4.7
EPSS Score: 0.0
Published: 2022-04-12
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.
CVSS Score: 7.5
EPSS Score: 0.004
Published: 2022-04-12
Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2022-04-12
Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service.
CVSS Score: 7.5
EPSS Score: 0.005
Published: 2022-04-12
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss.
CVSS Score: 4.4
EPSS Score: 0.0
Published: 2022-04-12

