| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
| 1 | CVE-2023-28638 | 119 | | DoS Overflow | 2023-03-27 | 2023-03-28 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Snappier is a high performance C# implementation of the Snappy compression algorithm. This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. In this release, much of the code was rewritten to use byte references rather than pointers to pinned buffers. This change generally improves performance and reduces workload on the garbage collector. However, when the garbage collector performs compaction and rearranges memory, it must update any byte references on the stack to refer to the updated location. The .NET garbage collector can only update these byte references if they still point within the buffer or to a point one byte past the end of the buffer. If they point outside this area, the buffer itself may be moved while the byte reference stays the same. There are several places in 1.1.0 where byte references very briefly point outside the valid areas of buffers. These are at locations in the code being used for buffer range checks. While the invalid references are never dereferenced directly, if a GC compaction were to occur during the brief window when they are on the stack then it could invalidate the buffer range check and allow other operations to overrun the buffer. This should be very difficult for an attacker to trigger intentionally. It would require a repetitive bulk attack with the hope that a GC compaction would occur at precisely the right moment during one of the requests. However, one of the range checks with this problem is a check based on input data in the decompression buffer, meaning malformed input data could be used to increase the chance of success. Note that any resulting buffer overrun is likely to cause access to protected memory, which will then cause an exception and the process to be terminated. Therefore, the most likely result of an attack is a denial of service. This issue has been patched in release 1.1.1. Users are advised to upgrade. 
Users unable to upgrade may pin buffers to a fixed location before using them for compression or decompression to mitigate some, but not all, of these cases. At least one temporary decompression buffer is internal to the library and never pinned. |
| 2 | CVE-2023-24564 | 119 | | Exec Code Overflow Mem. Corr. | 2023-02-14 | 2023-03-14 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains a memory corruption vulnerability while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19069) |
| 3 | CVE-2023-23457 | 119 | | DoS Overflow | 2023-01-12 | 2023-01-23 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file can cause an invalid memory address access that could lead to a denial of service. |
| 4 | CVE-2023-21047 | 119 | | Overflow | 2023-03-24 | 2023-03-29 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-256166866. References: N/A |
| 5 | CVE-2023-21044 | 119 | | Overflow | 2023-03-24 | 2023-03-29 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In init of VendorGraphicBufferMeta, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-253425086. References: N/A |
| 6 | CVE-2023-20972 | 119 | | Overflow | 2023-03-24 | 2023-03-28 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-255304665 |
| 7 | CVE-2023-20605 | 119 | | Overflow | 2023-02-06 | 2023-02-14 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104. |
| 8 | CVE-2023-20531 | 119 | | DoS Overflow | 2023-01-11 | 2023-01-20 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. |
| 9 | CVE-2023-20529 | 119 | | DoS Overflow | 2023-01-11 | 2023-01-20 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service. |
| 10 | CVE-2023-20049 | 119 | | DoS Overflow | 2023-03-09 | 2023-03-16 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads. |
| 11 | CVE-2023-1529 | 119 | | Overflow Mem. Corr. | 2023-03-21 | 2023-03-27 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High) |
| 12 | CVE-2023-0613 | 119 | | Overflow Mem. Corr. | 2023-02-01 | 2023-02-08 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219937 was assigned to this vulnerability. |
| 13 | CVE-2023-0251 | 119 | | Exec Code Overflow | 2023-02-08 | 2023-02-16 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a buffer overflow through improper restrictions of operations within memory, which could allow an attacker to remotely execute arbitrary code. |
| 14 | CVE-2022-47977 | 119 | | Exec Code Overflow Mem. Corr. | 2023-02-14 | 2023-02-22 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. |
| 15 | CVE-2022-47967 | 119 | | Exec Code Overflow Mem. Corr. | 2023-01-10 | 2023-01-17 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A vulnerability has been identified in Solid Edge (All versions < V2023 MP1). The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the current process. |
| 16 | CVE-2022-47935 | 119 | | Exec Code Overflow Mem. Corr. | 2023-01-10 | 2023-01-17 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078) |
| 17 | CVE-2022-47453 | 119 | | DoS Overflow | 2023-03-10 | 2023-03-16 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In wcn service, there is a possible missing params check. This could lead to local denial of service in wcn service. |
| 18 | CVE-2022-46701 | 119 | | Exec Code Overflow | 2022-12-15 | 2023-01-09 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges. |
| 19 | CVE-2022-44789 | 119 | | Exec Code Overflow Mem. Corr. | 2022-11-23 | 2023-02-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. |
| 20 | CVE-2022-44425 | 119 | | DoS Overflow | 2023-01-04 | 2023-01-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| 21 | CVE-2022-43762 | 119 | | Overflow | 2023-02-08 | 2023-02-18 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages. |
| 22 | CVE-2022-43581 | 119 | | Exec Code Overflow | 2022-12-07 | 2022-12-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805. |
| 23 | CVE-2022-42418 | 119 | | Exec Code Overflow | 2023-01-26 | 2023-01-28 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18677. |
| 24 | CVE-2022-42396 | 119 | | Exec Code Overflow | 2023-01-26 | 2023-01-27 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPS files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18278. |
| 25 | CVE-2022-42377 | 119 | | Exec Code Overflow Mem. Corr. | 2023-01-26 | 2023-02-02 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18630. |
| 26 | CVE-2022-42324 | 119 | | Overflow | 2022-11-01 | 2022-12-09 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Oxenstored 32->31 bit integer truncation issues. Integers in OCaml are 63 or 31 bits of signed precision. The OCaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an OCaml integer. In 64-bit OCaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring. |
| 27 | CVE-2022-42264 | 119 | | DoS Overflow | 2022-12-30 | 2023-01-11 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service. |
| 28 | CVE-2022-41877 | 119 | | Overflow | 2022-11-16 | 2023-01-25 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in `drive` channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the drive redirection channel - command line options `/drive`, `+drives` or `+home-drive`. |
| 29 | CVE-2022-41342 | 119 | | Overflow | 2023-02-06 | 2023-03-17 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access. |
| 30 | CVE-2022-41202 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 31 | CVE-2022-41201 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 32 | CVE-2022-41200 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 33 | CVE-2022-41199 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 34 | CVE-2022-41198 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 35 | CVE-2022-41197 | 119 | | Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart of the application. |
| 36 | CVE-2022-41196 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 37 | CVE-2022-41195 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 38 | CVE-2022-41194 | 119 | | Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart of the application. |
| 39 | CVE-2022-41193 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 40 | CVE-2022-41192 | 119 | | Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart of the application. |
| 41 | CVE-2022-41191 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 42 | CVE-2022-41190 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 43 | CVE-2022-41189 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 44 | CVE-2022-41188 | 119 | | Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart of the application. |
| 45 | CVE-2022-41187 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 46 | CVE-2022-41186 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and/or a re-use of dangling pointer which refers to overwritten space in memory. |
| 47 | CVE-2022-41185 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, MataiPersistence.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 48 | CVE-2022-41184 | 119 | | Exec Code Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. |
| 49 | CVE-2022-41183 | 119 | | Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart of the application. |
| 50 | CVE-2022-41182 | 119 | | Overflow | 2022-10-11 | 2022-10-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Due to lack of proper memory management, when a victim opens a manipulated Parasolid Part and Assembly (.x_b, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart of the application. |