CVSS: 3.2EPSS: 0%CPEs: 11EXPL: 2CVE-2020-14394
https://notcve.org/view.php?id=CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. Se ha encontrado un fallo de bucle infinito en la emulación del controlador USB xHCI de QEMU mientras es calculada la longitud del anillo de petición de transferencia (TRB). Este fallo permite a un usuario invitado privilegiado colgar el proceso de QEMU en el host, resultando en una denegación de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=1908004 https://gitlab.com/qemu-project/qemu/-/issues/646 https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-2845 – Improper Validation of Specified Quantity in Input in vim/vim
https://notcve.org/view.php?id=CVE-2022-2845
Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218. Una lectura excesiva del búfer en el repositorio de GitHub vim/vim versiones anteriores a 9.0.0218. • https://github.com/vim/vim/commit/e98c88c44c308edaea5994b8ad4363e65030968c https://huntr.dev/bounties/3e1d31ac-1cfd-4a9f-bc5c-213376b69445 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL https://security.gentoo.org/glsa/202305-16 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-2849 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-2849
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. Desbordamiento del búfer en la región heap de la memoria en el repositorio de GitHub vim/vim anterior a la versión 9.0.0220. • https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2 https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL https://security.gentoo.org/glsa/202305-16 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-2862 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-2862
Use After Free in GitHub repository vim/vim prior to 9.0.0221. Un Uso de Memoria Previamente Liberada en el repositorio GitHub vim/vim versiones anteriores a 9.0.0221. • https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494 https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL https://security.gentoo.org/glsa/202305-16 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38223
https://notcve.org/view.php?id=CVE-2022-38223
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. Se presenta una escritura fuera de límites en checkType ubicada en etc.c en w3m 0.5.3. Puede desencadenarse mediante el envío de un archivo HTML diseñado al binario de w3m. • https://github.com/tats/w3m/issues/242 https://lists.debian.org/debian-lts-announce/2023/08/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKESIFZMWIFMI6DRGMUYOTVKBOSEKDXZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R https://lists.fedoraproject.org/archives/list/package-announce • CWE-787: Out-of-bounds Write •