In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan.
Max CVSS
6.5
EPSS Score
0.08%
Published
2022-05-25
Updated
2022-07-19
Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program.
Max CVSS
7.5
EPSS Score
0.07%
Published
2022-05-21
Updated
2023-04-26
Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. Version 4.60.3 contains a patch for this issue. As a workaround, disable FileMiddleware and serve via a Content Delivery Network.
Max CVSS
7.5
EPSS Score
0.15%
Published
2022-05-31
Updated
2022-06-10
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue.
Max CVSS
9.8
EPSS Score
2.74%
Published
2022-05-31
Updated
2023-05-24
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine.
Max CVSS
8.8
EPSS Score
0.09%
Published
2022-05-17
Updated
2023-11-03
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.
Max CVSS
9.8
EPSS Score
0.28%
Published
2022-05-16
Updated
2022-10-27
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
Max CVSS
9.8
EPSS Score
0.17%
Published
2022-05-25
Updated
2022-06-03
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request.
Max CVSS
9.8
EPSS Score
0.23%
Published
2022-05-26
Updated
2022-06-03
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request.
Max CVSS
9.8
EPSS Score
0.23%
Published
2022-05-26
Updated
2022-06-03
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request.
Max CVSS
7.5
EPSS Score
0.12%
Published
2022-05-26
Updated
2022-06-03
Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set
Max CVSS
7.5
EPSS Score
0.12%
Published
2022-05-26
Updated
2022-06-03
Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat
Max CVSS
9.8
EPSS Score
0.23%
Published
2022-05-26
Updated
2022-06-03
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
Max CVSS
7.5
EPSS Score
0.51%
Published
2022-05-06
Updated
2022-10-14
Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.
Max CVSS
10.0
EPSS Score
0.54%
Published
2022-05-04
Updated
2022-12-09
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.
Max CVSS
5.5
EPSS Score
0.05%
Published
2022-05-17
Updated
2023-11-21
Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Execution.
Max CVSS
9.8
EPSS Score
5.12%
Published
2022-05-16
Updated
2022-05-25
Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service.
Max CVSS
7.5
EPSS Score
0.10%
Published
2022-05-11
Updated
2022-05-20
Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module.
Max CVSS
7.8
EPSS Score
0.08%
Published
2022-05-18
Updated
2022-05-26
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
Max CVSS
6.5
EPSS Score
0.15%
Published
2022-05-03
Updated
2023-01-11
Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow.
Max CVSS
10.0
EPSS Score
0.25%
Published
2022-05-10
Updated
2022-05-16
epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XML file.
Max CVSS
5.5
EPSS Score
0.05%
Published
2022-05-25
Updated
2022-06-07
135 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!