Total: 1016 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-0760 | 1 Gpac | 1 Gpac | 2023-07-15 | N/A | 7.8 HIGH |
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. | |||||
CVE-2019-14815 | 3 Linux, Netapp, Redhat | 18 Linux Kernel, Altavault, Baseboard Management Controller and 15 more | 2023-07-13 | 7.2 HIGH | 7.8 HIGH |
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | |||||
CVE-2022-48512 | 1 Huawei | 2 Emui, Harmonyos | 2023-07-13 | N/A | 9.8 CRITICAL |
Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally. | |||||
CVE-2019-14816 | 7 Canonical, Debian, Fedoraproject and 4 more | 54 Ubuntu Linux, Debian Linux, Fedora and 51 more | 2023-07-12 | 7.2 HIGH | 7.8 HIGH |
There is a heap-based buffer overflow in the kernel, all versions up to, excluding 5.3, in the Marvell wifi chip driver in the Linux kernel, that allows local users to cause a denial of service (system crash) or possibly execute arbitrary code. | |||||
CVE-2022-30540 | 1 Hornerautomation | 1 Cscape | 2023-06-28 | 6.8 MEDIUM | 7.8 HIGH |
The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code | |||||
CVE-2022-29210 | 1 Google | 1 Tensorflow | 2023-06-28 | 2.1 LOW | 5.5 MEDIUM |
TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the `.data()` buffer. The discoverers could not use this byte vector anyway because types such as `tstring` include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1. | |||||
CVE-2022-2566 | 1 Ffmpeg | 1 Ffmpeg | 2023-06-27 | N/A | 7.8 HIGH |
A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 | |||||
CVE-2022-1052 | 1 Radare | 1 Radare2 | 2023-06-27 | 2.1 LOW | 5.5 MEDIUM |
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6. | |||||
CVE-2022-1922 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2023-06-27 | N/A | 7.8 HIGH |
DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | |||||
CVE-2022-1923 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2023-06-27 | N/A | 7.8 HIGH |
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | |||||
CVE-2022-1924 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2023-06-27 | N/A | 7.8 HIGH |
DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | |||||
CVE-2022-1925 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2023-06-27 | N/A | 7.8 HIGH |
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks. | |||||
CVE-2021-21914 | 1 Accusoft | 1 Imagegear | 2023-06-26 | 6.8 MEDIUM | 8.8 HIGH |
A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2021-21943 | 1 Accusoft | 1 Imagegear | 2023-06-26 | 6.8 MEDIUM | 8.8 HIGH |
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2021-21947 | 1 Accusoft | 1 Imagegear | 2023-06-26 | 6.8 MEDIUM | 8.8 HIGH |
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based buffer overflow takes place when the `SOF3` precision is greater than or equal to 9. | |||||
CVE-2021-21948 | 2 Anycubic, Chitubox | 2 Chitubox, Chitubox Basic | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic Chitubox AnyCubic Plugin 1.0.0. A specially-crafted GF file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2021-45918 | 1 Nhi | 1 Health Insurance Web Service Component | 2023-06-26 | 7.8 HIGH | 7.5 HIGH |
NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service. | |||||
CVE-2023-24014 | 1 Deltaww | 1 Cncsoft-b | 2023-06-14 | N/A | 7.8 HIGH |
Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | |||||
CVE-2022-39136 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-06-13 | N/A | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2023-32324 | 2 Debian, Openprinting | 2 Debian Linux, Cups | 2023-06-08 | N/A | 5.5 MEDIUM |
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel` to `DEBUG`. No known patches or workarounds exist at time of publication. |