Next Last 1. 2022-10-31 [1] [oss-security] CVE-2022-42252: Apache Tomcat - Request Smuggling oss-security Mark Thomas 2. 2022-10-31 [8] [oss-security] Forthcoming OpenSSL Releases oss-security Bob Beck 3. 2022-10-31 [2] [oss-security] Is third party javascript on a login page considered dang oss-security Brandon Perry 4. 2022-10-31 [1] [oss-security] OPEN SOURCE NTFS-3G SECURITY ADVISORY NTFS3G-SA-2022-0003 oss-security Rakesh Pandit 5. 2022-10-29 [2] [oss-security] CVE-2022-3628: A USB-accessible buffer overflow in Linux oss-security Demi Marie Obenour 6. 2022-10-28 [1] [oss-security] CVE-2022-26884: Apache DolphinScheduler exposes files wit oss-security ShunFeng Cai 7. 2022-10-27 [3] [oss-security] CVE-2022-2602 - Linux kernel io_uring UAF oss-security Thadeu Lima de Souza 8. 2022-10-26 [3] [oss-security] Forthcoming OpenSSL Bug Fix Release oss-security Dr Paul Dale 9. 2022-10-26 [1] [oss-security] CVE-2022-43766: Apache IoTDB: ReDoS Vulnerability by REGE oss-security Haonan Hou 10. 2022-10-26 [1] [oss-security] CVE-2022-39944: The Apache Linkis JDBC EngineConn module oss-security peacewong 11. 2022-10-26 [1] [oss-security] [SECURITY ADVISORY] CVE-2022-42916: HSTS bypass via IDN ( oss-security Daniel Stenberg 12. 2022-10-26 [1] [oss-security] [SECURITY ADVISORY] CVE-2022-42915: HTTP proxy double-fre oss-security Daniel Stenberg 13. 2022-10-26 [1] [oss-security] [SECURITY ADVISORY] CVE-2022-35260: .netrc parser out-of- oss-security Daniel Stenberg 14. 2022-10-26 [1] [oss-security] [SECURITY ADVISORY] CVE-2022-32221: POST following PUT co oss-security Daniel Stenberg 15. 2022-10-25 [1] [oss-security] android debug bridge (adb) reverse connection and directo oss-security Imre Rad 16. 2022-10-25 [1] [oss-security] [CVE-2022-42890] Apache Batik information disclosure vuln oss-security Simon Steiner 17. 2022-10-25 [1] [oss-security] [CVE-2022-41704] Apache Batik information disclosure vuln oss-security Simon Steiner 18. 2022-10-25 [1] [oss-security] ceph: ceph-crash.service allows local ceph user to root e oss-security Matthias Gerstner 19. 2022-10-24 [1] [oss-security] CVE-2022-34870: Apache Geode stored Cross-Site Scripting oss-security Dan Smith 20. 2022-10-24 [1] [oss-security] Authorization bypass and symlink attack in multipathd (CV oss-security Qualys Security Advis 21. 2022-10-24 [1] [oss-security] Warpinator remote file creation / overwrite security issu oss-security Matthias Gerstner 22. 2022-10-23 [1] [oss-security] CVE-2021-42010: Apache Heron (Incubating): CRLF log injec oss-security Josh Fischer 23. 2022-10-23 [1] [oss-security] Linux kernel: net: mctp: A Use-After-Free bug in mctp_sk_ oss-security butt3rflyh4ck 24. 2022-10-19 [1] [oss-security] Multiple vulnerabilities in Jenkins plugins oss-security Daniel Beck 25. 2022-10-19 [1] [oss-security] CVE-2022-42466: Apache Isis: XSS vulnerability, eg for St oss-security Dan Haywood 26. 2022-10-19 [1] [oss-security] ISIS-3128: CVE-2022-42467: Apache Isis: h2 webconsole (av oss-security Dan Haywood 27. 2022-10-18 [1] [oss-security] Git 2.38.1 and others for CVE-2022-39253, and CVE-2022-39 oss-security Taylor Blau 28. 2022-10-18 [1] [oss-security] CVE-2022-39198: Apache Dubbo Hession Deserialization Vuln oss-security Albumen Kevin 29. 2022-10-18 [2] [oss-security] CVE-2022-42889: Apache Commons Text prior to 1.10.0 allow oss-security Alan Coopersmith 30. 2022-10-17 [1] [oss-security] Re: CVE-2022-34169: Apache Xalan Java XSLT library is vul oss-security Markus Koschany Next Last