Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2415 | 1 Google | 1 Chrome | 2022-10-07 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2122 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2022-10-07 | N/A | 7.8 HIGH |
| DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. | |||||
| CVE-2022-1920 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2022-10-07 | N/A | 7.8 HIGH |
| Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. | |||||
| CVE-2018-13096 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image. | |||||
| CVE-2022-3397 | 1 Omron | 1 Cx-programmer | 2022-10-06 | N/A | 9.8 CRITICAL |
| OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2022-3398 | 1 Omron | 1 Cx-programmer | 2022-10-06 | N/A | 9.8 CRITICAL |
| OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2022-3396 | 1 Omron | 1 Cx-programmer | 2022-10-06 | N/A | 9.8 CRITICAL |
| OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-9549 | 2 Debian, Pdfresurrect Project | 2 Debian Linux, Pdfresurrect | 2022-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. | |||||
| CVE-2020-16213 | 1 Advantech | 1 Webaccess\/hmi Designer | 2022-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | |||||
| CVE-2017-11654 | 1 Sipcrack Project | 1 Sipcrack | 2022-10-06 | 4.3 MEDIUM | 5.9 MEDIUM |
| An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remote attacker could potentially use this flaw to crash the sipdump process by generating specially crafted SIP traffic. | |||||
| CVE-2021-21813 | 1 Att | 1 Xmill | 2022-10-06 | 4.6 MEDIUM | 7.8 HIGH |
| Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow. | |||||
| CVE-2021-33684 | 1 Sap | 2 Netweaver Abap, Netweaver Application Server Abap | 2022-10-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| SAP NetWeaver AS ABAP and ABAP Platform, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.77, 7.81, 7.84, allows an attacker to send overlong content in the RFC request type thereby crashing the corresponding work process because of memory corruption vulnerability. The work process will attempt to restart itself after the crash and hence the impact on the availability is low. | |||||
| CVE-2020-6458 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-10-05 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2022-33885 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2022-10-05 | N/A | 7.8 HIGH |
| A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. | |||||
| CVE-2021-29998 | 2 Siemens, Windriver | 71 Ruggedcom Win Subscriber Station, Ruggedcom Win Subscriber Station Firmware, Scalance X200-4 P Irt and 68 more | 2022-10-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client. | |||||
| CVE-2020-13494 | 2 Apple, Pixar | 2 Macos, Openusd | 2022-10-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, victim needs to access an attacker-provided malformed file. | |||||
| CVE-2020-13493 | 2 Apple, Pixar | 2 Macos, Openusd | 2022-10-05 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file. | |||||
| CVE-2022-41428 | 1 Axiosys | 1 Bento4 | 2022-10-05 | N/A | 8.8 HIGH |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux. | |||||
| CVE-2022-33889 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2022-10-05 | N/A | 7.8 HIGH |
| A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution. | |||||
| CVE-2022-41420 | 1 Nasm | 1 Netwide Assembler | 2022-10-05 | N/A | 5.5 MEDIUM |
| nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component | |||||