CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2022-32085 – mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor
https://notcve.org/view.php?id=CVE-2022-32085
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. Se ha detectado que MariaDB versiones v10.2 a v10.7, contiene un fallo de segmentación por medio del componente Item_func_in::cleanup/Item::cleanup_processor • https://jira.mariadb.org/browse/MDEV-26407 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://security.netapp.com/advisory/ntap-20220818-0005 https://access.redhat.com/security/cve/CVE-2022-32085 https://bugzilla.redhat.com/show_bug.cgi?id=2104431 • CWE-229: Improper Handling of Values •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2022-32083 – mariadb: server crash at Item_subselect::init_expr_cache_tracker
https://notcve.org/view.php?id=CVE-2022-32083
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker. Se ha detectado que MariaDB versiones v10.2 a v10.6.1 contiene un fallo de segmentación por medio del componente Item_subselect::init_expr_cache_tracker • https://jira.mariadb.org/browse/MDEV-26047 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://security.netapp.com/advisory/ntap-20220826-0006 https://access.redhat.com/security/cve/CVE-2022-32083 https://bugzilla.redhat.com/show_bug.cgi?id=2104425 • CWE-229: Improper Handling of Values •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1CVE-2022-32084 – mariadb: segmentation fault via the component sub_select
https://notcve.org/view.php?id=CVE-2022-32084
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. Se ha detectado que MariaDB versiones v10.2 a v10.7, contiene un fallo de segmentación por medio del componente sub_select • https://jira.mariadb.org/browse/MDEV-26427 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY https://security.netapp.com/advisory/ntap-20220818-0005 h • CWE-229: Improper Handling of Values •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1CVE-2022-32091 – mariadb: server crash in JOIN_CACHE::free or in copy_fields
https://notcve.org/view.php?id=CVE-2022-32091
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. Se ha detectado que MariaDB v10.7, contiene un error de uso en la función __interceptor_memset en el archivo /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc • https://jira.mariadb.org/browse/MDEV-26431 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY https://security.netapp.com/advisory/ntap-20220818-0005 h • CWE-229: Improper Handling of Values CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-2058 – libtiff: division by zero issues in tiffcrop
https://notcve.org/view.php?id=CVE-2022-2058
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. Un error de División Por Cero en tiffcrop en libtiff versión 4.4.0, permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para usuarios que compilan libtiff a partir de las fuentes, la corrección está disponible con el commit f3a5e010 A divide-by-zero vulnerability was found in libtiff. This flaw allows an attacker to cause a denial of service via a crafted tiff file. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2058.json https://gitlab.com/libtiff/libtiff/-/issues/428 https://gitlab.com/libtiff/libtiff/-/merge_requests/346 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TSS7MJ7OO7JO5BNKCRYSFU7UAYOKLA2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXUMJXVEAYFWRO3U3YHKSULHIVDOLEQS https:// • CWE-369: Divide By Zero •