Skip to main content
CVE-2022-33981 LOW POC PATCH Monitor

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +1
NVD GitHub
CVSS 3.1
3.3
EPSS
0.5%
CVE-2022-33987 MEDIUM PATCH This Month

The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Information Disclosure Got
NVD GitHub
CVSS 3.1
5.3
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy