Skip to main content

Fas A400 Firmware

3 CVEs product

Monthly

CVE-2022-36879 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.18.14. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel Debian Linux A700S Firmware +21
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-2068 HIGH PATCH This Week

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection OpenSSL Debian Linux Fedora Sinec Ins +24
NVD
CVSS 3.1
7.3
EPSS
96.3%
CVE-2019-19448 HIGH POC This Week

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel +17
NVD GitHub
CVSS 3.1
7.8
EPSS
2.1%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.18.14. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel +23
NVD GitHub
EPSS 96% CVSS 7.3
HIGH PATCH This Week

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection OpenSSL Debian Linux +26
NVD
EPSS 2% CVSS 7.8
HIGH POC This Week

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Linux Information Disclosure +19
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy