Total
2516 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3437 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | 4.3 Medium |
| A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. | ||||
| CVE-2022-3234 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | ||||
| CVE-2022-39852 | 1 Google | 1 Android | 2024-11-21 | 8 High |
| A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution. | ||||
| CVE-2022-39260 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Xcode, Debian Linux, Fedora and 3 more | 2024-11-21 | 8.5 High |
| Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround. | ||||
| CVE-2022-38701 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-11-21 | 6.2 Medium |
| OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information. | ||||
| CVE-2022-38533 | 2 Fedoraproject, Gnu | 2 Fedora, Binutils | 2024-11-21 | 5.5 Medium |
| In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | ||||
| CVE-2022-37864 | 1 Siemens | 1 Solid Edge | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Solid Edge (All Versions < SE2022MP9). The affected application contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17627) | ||||
| CVE-2022-36863 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36862 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36860 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36858 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36846 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36845 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36844 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36843 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36842 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-36841 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2022-35020 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc. | ||||
| CVE-2022-35017 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 was discovered to contain a heap buffer overflow. | ||||
| CVE-2022-35016 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 was discovered to contain a heap buffer overflow. | ||||