Page 118 of 3085 results (0.011 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1

CVE-2022-2304 – Stack-based Buffer Overflow in vim/vim

https://notcve.org/view.php?id=CVE-2022-2304

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. Un Desbordamiento de Búfer en la región stack de la memoria en el repositorio de GitHub vim/vim versiones anteriores a 9.0 • https://github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939 https://huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/2023 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1

CVE-2022-2285 – Integer Overflow or Wraparound in vim/vim

https://notcve.org/view.php?id=CVE-2022-2285

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. Un Desbordamiento de Enteros o Wraparound en el repositorio de GitHub vim/vim versiones anteriores a 9.0 • https://github.com/vim/vim/commit/27efc62f5d86afcb2ecb7565587fe8dea4b036fe https://huntr.dev/bounties/64574b28-1779-458d-a221-06c434042736 https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/2023 • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2

CVE-2022-34903 – gpg: Signature spoofing via status line injection

https://notcve.org/view.php?id=CVE-2022-34903

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. GnuPG versiones hasta 2.3.6, en situaciones inusuales en las que un atacante posee cualquier información de clave secreta del llavero de la víctima y son cumplidos en otras restricciones (por ejemplo, el uso de GPGME), permite una falsificación de firmas por medio de la inyección en la línea de estado A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the write_status_text_and_buffer() function in g10/cpr.c. This flaw allows a malicious actor to bypass access control. • http://www.openwall.com/lists/oss-security/2022/07/02/1 https://bugs.debian.org/1014157 https://dev.gnupg.org/T6027 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL https://lists.fedoraproject.org/archives • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

CVE-2022-32088 – mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort

https://notcve.org/view.php?id=CVE-2022-32088

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort. Se ha detectado que MariaDB versiones v10.2 a v10.7, contiene un fallo de segmentación por el componente Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort • https://jira.mariadb.org/browse/MDEV-26419 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://security.netapp.com/advisory/ntap-20220818-0005 https://access.redhat.com/security/cve/CVE-2022-32088 https://bugzilla.redhat.com/show_bug.cgi?id=2106008 • CWE-229: Improper Handling of Values •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1

CVE-2022-32087 – mariadb: server crash in Item_args::walk_args

https://notcve.org/view.php?id=CVE-2022-32087

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args. Se ha detectado que MariaDB versiones v10.2 a v10.7, contiene un fallo de segmentación por medio del componente Item_args::walk_args • https://jira.mariadb.org/browse/MDEV-26437 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://security.netapp.com/advisory/ntap-20220818-0005 https://access.redhat.com/security/cve/CVE-2022-32087 https://bugzilla.redhat.com/show_bug.cgi?id=2104434 • CWE-229: Improper Handling of Values •