Total
12209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3577 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write. | ||||
| CVE-2022-3570 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2024-11-21 | 7.7 High |
| Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact | ||||
| CVE-2022-3520 | 1 Vim | 1 Vim | 2024-11-21 | 9.8 Critical |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. | ||||
| CVE-2022-3491 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. | ||||
| CVE-2022-3446 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-3437 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | 4.3 Medium |
| A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. | ||||
| CVE-2022-3409 | 1 Openbmc-project | 1 Openbmc | 2024-11-21 | 8.2 High |
| A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected problem in how multipart_parser handles unclosed http headers. If long enough http header is passed in the multipart form without colon there is one byte overwrite on heap. It can be conducted multiple times in a loop to cause DoS. | ||||
| CVE-2022-3398 | 1 Omron | 1 Cx-programmer | 2024-11-21 | 7.8 High |
| OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-3397 | 1 Omron | 1 Cx-programmer | 2024-11-21 | 7.8 High |
| OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-3396 | 1 Omron | 1 Cx-programmer | 2024-11-21 | 7.8 High |
| OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-3386 | 1 Advantech | 1 R-seenet | 2024-11-21 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3385 | 1 Advantech | 1 R-seenet | 2024-11-21 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3379 | 1 Hornerautomation | 1 Cscape | 2024-11-21 | 7.8 High |
| Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer. | ||||
| CVE-2022-3373 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-3349 | 1 Sony | 4 Playstation 4, Playstation 4 Firmware, Playstation 5 and 1 more | 2024-11-21 | 6.8 Medium |
| A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-209679. | ||||
| CVE-2022-3324 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. | ||||
| CVE-2022-3296 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. | ||||
| CVE-2022-3234 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | ||||
| CVE-2022-3228 | 1 Hosteng | 2 H0-ecom100, H0-ecom100 Firmware | 2024-11-21 | 6.5 Medium |
| Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior. This may allow an attacker to crash the affected device or cause it to become unresponsive. | ||||
| CVE-2022-3213 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2024-11-21 | 5.5 Medium |
| A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service. | ||||