Total
1016 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2182 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-2125 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-24942 | 1 Silabs | 1 Micrium Uc-http | 2023-11-07 | N/A | 9.8 CRITICAL |
| Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request. | |||||
| CVE-2022-24795 | 1 Yajl-ruby Project | 1 Yajl-ruby | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at `yajl_buf.c#L64` may result in the `need` 32bit integer wrapping to 0 when `need` approaches a value of 0x80000000 (i.e. ~2GB of data), which results in a reallocation of buf->alloc into a small heap chunk. These integers are declared as `size_t` in the 2.x branch of `yajl`, which practically prevents the issue from triggering on 64bit platforms, however this does not preclude this issue triggering on 32bit builds on which `size_t` is a 32bit integer. Subsequent population of this under-allocated heap chunk is based on the original buffer size, leading to heap memory corruption. This vulnerability mostly impacts process availability. Maintainers believe exploitation for arbitrary code execution is unlikely. A patch is available and anticipated to be part of yajl-ruby version 1.4.2. As a workaround, avoid passing large inputs to YAJL. | |||||
| CVE-2022-24052 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190. | |||||
| CVE-2022-20737 | 1 Cisco | 1 Adaptive Security Appliance Software | 2023-11-07 | 7.0 HIGH | 7.1 HIGH |
| A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device or to obtain portions of process memory from an affected device. This vulnerability is due to insufficient bounds checking when parsing specific HTTP authentication messages. An attacker could exploit this vulnerability by sending malicious traffic to an affected device acting as a VPN Gateway. To send this malicious traffic, an attacker would need to control a web server that can be accessed through the Clientless SSL VPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition, or to retrieve bytes from the device process memory that may contain sensitive information. | |||||
| CVE-2022-1942 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-1886 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-1733 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. | |||||
| CVE-2022-1621 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | |||||
| CVE-2022-1619 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Macos, Debian Linux, Fedora and 3 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution | |||||
| CVE-2022-1381 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | |||||
| CVE-2022-1160 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. | |||||
| CVE-2022-0943 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. | |||||
| CVE-2022-0714 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. | |||||
| CVE-2022-0713 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. | |||||
| CVE-2022-0676 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. | |||||
| CVE-2022-0572 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0518 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2. | |||||
| CVE-2022-0417 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. | |||||