cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
Max CVSS
8.8
EPSS Score
0.27%
Published
2022-11-03
Updated
2022-12-13
An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
Max CVSS
8.1
EPSS Score
0.11%
Published
2022-10-14
Updated
2023-03-01
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-11-06
Updated
2023-01-31
sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.
Max CVSS
7.8
EPSS Score
0.35%
Published
2022-11-08
Updated
2023-02-01
Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.
Max CVSS
8.8
EPSS Score
0.70%
Published
2022-10-19
Updated
2023-12-27
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
Max CVSS
7.8
EPSS Score
0.13%
Published
2022-08-30
Updated
2022-10-28
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
Max CVSS
9.8
EPSS Score
1.04%
Published
2022-10-21
Updated
2023-05-03
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
Max CVSS
9.8
EPSS Score
0.34%
Published
2022-08-05
Updated
2023-07-19
The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942.
Max CVSS
7.8
EPSS Score
0.10%
Published
2022-08-18
Updated
2022-10-28
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.
Max CVSS
7.8
EPSS Score
0.10%
Published
2022-08-18
Updated
2022-10-28
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.
Max CVSS
7.8
EPSS Score
0.10%
Published
2022-08-18
Updated
2022-10-28
Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.
Max CVSS
5.5
EPSS Score
0.09%
Published
2022-08-29
Updated
2023-01-09
Advancecomp v2.3 was discovered to contain a heap buffer overflow.
Max CVSS
5.5
EPSS Score
0.09%
Published
2022-08-29
Updated
2023-01-09
Advancecomp v2.3 was discovered to contain a heap buffer overflow.
Max CVSS
5.5
EPSS Score
0.09%
Published
2022-08-29
Updated
2023-01-09
Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.
Max CVSS
5.5
EPSS Score
0.09%
Published
2022-08-29
Updated
2023-01-09
An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.
Max CVSS
7.5
EPSS Score
0.35%
Published
2022-07-01
Updated
2022-11-05
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
Max CVSS
5.5
EPSS Score
0.12%
Published
2022-06-23
Updated
2022-10-28
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
Max CVSS
8.8
EPSS Score
0.25%
Published
2022-09-20
Updated
2023-05-30
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-05-26
Updated
2023-01-13
Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.
Max CVSS
10.0
EPSS Score
0.54%
Published
2022-05-04
Updated
2022-12-09
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
Max CVSS
6.5
EPSS Score
0.15%
Published
2022-05-03
Updated
2023-01-11
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
Max CVSS
7.5
EPSS Score
0.29%
Published
2022-04-20
Updated
2022-10-05
121 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!