Total
10481 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-46691 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-05-30 | N/A | 8.8 HIGH |
A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-46341 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2023-05-30 | N/A | 8.8 HIGH |
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. | |||||
CVE-2022-46340 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2023-05-30 | N/A | 8.8 HIGH |
A vulnerability was found in X.Org. This security flaw occurs because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order. | |||||
CVE-2022-43598 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2023-05-30 | N/A | 8.1 HIGH |
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`. | |||||
CVE-2022-42863 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-05-30 | N/A | 8.8 HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-41838 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2023-05-30 | N/A | 9.8 CRITICAL |
A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2022-41639 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2023-05-30 | N/A | 9.8 CRITICAL |
A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2022-32888 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-05-30 | N/A | 8.8 HIGH |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-32886 | 3 Apple, Debian, Fedoraproject | 5 Ipados, Iphone Os, Safari and 2 more | 2023-05-30 | N/A | 8.8 HIGH |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2023-0819 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | |||||
CVE-2022-47661 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes | |||||
CVE-2022-47659 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data | |||||
CVE-2022-45283 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c. | |||||
CVE-2022-45202 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. | |||||
CVE-2022-38530 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD. | |||||
CVE-2022-36191 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 5.5 MEDIUM |
A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242. | |||||
CVE-2022-27145 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box. | |||||
CVE-2022-26967 | 1 Gpac | 1 Gpac | 2023-05-27 | 6.8 MEDIUM | 7.8 HIGH |
GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box. | |||||
CVE-2022-24578 | 1 Gpac | 1 Gpac | 2023-05-27 | 6.8 MEDIUM | 7.8 HIGH |
GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c. | |||||
CVE-2021-41459 | 1 Gpac | 1 Mp4box | 2023-05-27 | 5.0 MEDIUM | 7.5 HIGH |
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. |