CVE-2022-28199

HIGH Year: 2022
CVSS v3 Score
8.6
High
Weakness Type
CWE-1284
View all →

Vulnerability Description

NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality.

Related Vulnerabilities

CVE-2024-8887

HIGH
CVSS:8.6(High)

CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login pa...

CWE-12842024

CVE-2023-25731

HIGH
CVSS:8.8(High)

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affec...

CWE-12842023

CVE-2021-31345

CRITICAL
CVSS:9.1(Critical)

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions). The total leng...

CWE-12842021

CVE-2021-31346

CRITICAL
CVSS:9.1(Critical)

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNE...

CWE-12842021

CVE-2022-25769

CRITICAL
CVSS:9.1(Critical)

ImpactThe default .htaccess file has some restrictions in the access to PHP files to only allow specific PHP files to be executed in the root of the application. This logic isn't correct, as the regex...

CWE-12842022

CVE-2010-3904

HIGH
CVSS:7.8(High)

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from us...

CWE-12842010