Total
13473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3890 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 9.6 Critical |
| Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-3775 | 2 Gnu, Redhat | 6 Grub2, Enterprise Linux, Rhel Aus and 3 more | 2024-11-21 | 7.1 High |
| When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. | ||||
| CVE-2022-3699 | 1 Lenovo | 3 Diagnostics, Hardwarescan Addin, Hardwarescan Plugin | 2024-11-21 | 7.8 High |
| A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to versionĀ 1.3.1.2 andĀ Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges. | ||||
| CVE-2022-3655 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-3653 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-3446 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-3437 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | 4.3 Medium |
| A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. | ||||
| CVE-2022-3234 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | ||||
| CVE-2022-3213 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2024-11-21 | 5.5 Medium |
| A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service. | ||||
| CVE-2022-3028 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-11-21 | 7.0 High |
| A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | ||||
| CVE-2022-39852 | 1 Google | 1 Android | 2024-11-21 | 8 High |
| A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution. | ||||
| CVE-2022-39843 | 2 Linux, Lotus 1-2-3 Project | 2 Linux Kernel, Lotus 1-2-3 | 2024-11-21 | 7.8 High |
| 123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain function call from process_fmt() that can be reached via a w3r_format element in a wk3 document. | ||||
| CVE-2022-39832 | 2 Fedoraproject, Gnu | 2 Fedora, Pspp | 2024-11-21 | 7.8 High |
| An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2022-39831 | 2 Fedoraproject, Gnu | 2 Fedora, Pspp | 2024-11-21 | 7.8 High |
| An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230. | ||||
| CVE-2022-39808 | 1 Sap | 1 3d Visual Enterprise Author | 2024-11-21 | 7.8 High |
| Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | ||||
| CVE-2022-39806 | 1 Sap | 1 3d Visual Enterprise Author | 2024-11-21 | 7.8 High |
| Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Drawing (.slddrw, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | ||||
| CVE-2022-39805 | 1 Sap | 1 3d Visual Enterprise Author | 2024-11-21 | 7.8 High |
| Due to lack of proper memory management, when a victim opens a manipulated Computer Graphics Metafile (.cgm, CgmTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | ||||
| CVE-2022-39804 | 1 Sap | 1 3d Visual Enterprise Author | 2024-11-21 | 7.8 High |
| Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Part (.sldprt, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | ||||
| CVE-2022-39803 | 1 Sap | 1 3d Visual Enterprise Author | 2024-11-21 | 7.8 High |
| Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly (.sat, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | ||||
| CVE-2022-39260 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Xcode, Debian Linux, Fedora and 3 more | 2024-11-21 | 8.5 High |
| Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround. | ||||