Vulnerabilities for 'Fedora'

2022-05-08
 
CVE-2022-1619

CWE-787
 

 
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerability is capable of crashing software, modifying memory, and possibly remote execution.

 
 
CVE-2022-1620

CWE-476
 

 
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901 allows attackers to cause a denial of service (application crash) via a crafted input.

 
2022-05-03
 
CVE-2022-29824

CWE-190
 

 
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.

 
2022-04-21
 
CVE-2022-1420

CWE-119
 

 
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

 
2022-04-18
 
CVE-2021-42778

CWE-672
 

 
A heap double free issue was found in OpenSC before version 0.22.0 in sc_pkcs15_free_tokeninfo.

 
 
CVE-2021-42779

CWE-416
 

 
A heap use after free issue was found in OpenSC before version 0.22.0 in sc_file_valid.

 
 
CVE-2021-42780

CWE-252
 

 
A use after return issue was found in OpenSC before version 0.22.0 in the insert_pin function that could potentially crash programs using the library.

 
 
CVE-2021-42781

CWE-787
 

 
Heap buffer overflow issues were found in OpenSC before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.

 
 
CVE-2021-42782

CWE-787
 

 
Stack buffer overflow issues were found in OpenSC before version 0.22.0 in various places that could potentially crash programs using the library.

 
2022-04-14
 
CVE-2022-1304

CWE-125
 

 
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

 


Copyright 2022, cxsecurity.com

 
