Total
13464 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1383 | 1 Radare | 1 Radare2 | 2024-11-21 | 6.1 Medium |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | ||||
| CVE-2022-1381 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 7.8 High |
| global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | ||||
| CVE-2022-1354 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | 5.5 Medium |
| A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. | ||||
| CVE-2022-1286 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.8 Critical |
| heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited. | ||||
| CVE-2022-1253 | 1 Struktur | 1 Libde265 | 2024-11-21 | 9.8 Critical |
| Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release. | ||||
| CVE-2022-1240 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.8 High |
| Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). | ||||
| CVE-2022-1238 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.8 High |
| Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). | ||||
| CVE-2022-1185 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.5 Medium |
| A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7, 14.8.0 to 14.8.5, and 14.9.0 to 14.9.2 allows an attacker to crash the GitLab web application with a maliciously crafted RDoc file | ||||
| CVE-2022-1160 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. | ||||
| CVE-2022-1143 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | ||||
| CVE-2022-1142 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | ||||
| CVE-2022-1115 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 5.5 Medium |
| A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service. | ||||
| CVE-2022-1061 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.5 High |
| Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8. | ||||
| CVE-2022-1052 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6. | ||||
| CVE-2022-1042 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 8.2 High |
| In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. | ||||
| CVE-2022-1041 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 8.2 High |
| In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. | ||||
| CVE-2022-1015 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 6.6 Medium |
| A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. | ||||
| CVE-2022-0995 | 3 Fedoraproject, Linux, Netapp | 24 Fedora, Linux Kernel, H300e and 21 more | 2024-11-21 | 7.8 High |
| An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system. | ||||
| CVE-2022-0982 | 1 Accel-ppp | 1 Accel-ppp | 2024-11-21 | 9.8 Critical |
| The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. | ||||
| CVE-2022-0976 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||