CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2022-26711 – Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26711
An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. Se abordó un problema de desbordamiento de enteros con una comprobación de entradas mejorada. Este problema es corregido en tvOS versión 15.5, iTunes versión 12.12.4 para Windows, iOS versión 15.5 y iPadOS versión 15.5, watchOS versión 8.6, macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://support.apple.com/en-us/HT213259 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1733 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-1733
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. Un desbordamiento de búfer en la región Heap de la memoria en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4968 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813 https://huntr.dev/bounties/6ff03b27-472b-4bef-a2bf-410fae65ff0a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG https://lists.fedoraproject.org/archives/list/package-anno • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1769 – Buffer Over-read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1769
Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. Un desbordamiento de búfer en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4974 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4 https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG https://lists.fedoraproject.org/archives/list/package-anno • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1735 – Classic Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-1735
Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. Un Desbordamiento de Búfer Clásico en el repositorio GitHub vim/vim versiones anteriores a 8.2.4969 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/7ce5b2b590256ce53d6af28c1d203fb3bc1d2d97 https://huntr.dev/bounties/c9f85608-ff11-48e4-933d-53d1759d44d9 https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/202305-16 https://support.apple.com/kb/HT213488 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1720 – Buffer Over-read in function grab_file_name in vim/vim
https://notcve.org/view.php?id=CVE-2022-1720
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. Una Lectura Excesiva del Búfer en la función grab_file_name en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4956. Esta vulnerabilidad es capaz de bloquear el software, modificación de la memoria y una posible ejecución remota • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 http://seclists.org/fulldisclosure/2022/Oct/45 https://github.com/vim/vim/commit/395bd1f6d3edc9f7edb5d1f2d7deaf5a9e3ab93c https://huntr.dev/bounties/5ccfb386-7eb9-46e5-98e5-243ea4b358a8 https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archiv • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •