CVE-2022-1616 – Use after free in append_command in vim/vim
https://notcve.org/view.php?id=CVE-2022-1616
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability can crash software, bypass protection mechanisms, modify memory, and possibly allow remote execution.
• http://seclists.org/fulldisclosure/2022/Oct/28
• http://seclists.org/fulldisclosure/2022/Oct/41
• https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6c
• https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2
• https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
• https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH
• https://lists.fedoraproject&
• CWE-416: Use After Free
CVE-2022-30293 – webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-30293
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.
• http://www.openwall.com/lists/oss-security/2022/05/30/1
• https://bugs.webkit.org/show_bug.cgi?id=237187
• https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
• https://security.gentoo.org/glsa/202208-39
• https://www.debian.org/security/2022/dsa-5154
• https://www.debian.org/security/2022/dsa-5155
• https://access.redhat.com/security/cve/CVE-2022-30293
• https://bugzilla.redhat.com/show_bug.cgi?id=2082548
• CWE-787: Out-of-bounds Write
CVE-2022-24884 – Trivial signature forgery in ecdsautils
https://notcve.org/view.php?id=CVE-2022-24884
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected.
• https://github.com/freifunk-gluon/ecdsautils/commit/1d4b091abdf15ad7b2312535b5b95ad70f6dbd08
• https://github.com/freifunk-gluon/ecdsautils/commit/39b6d0a77414fd41614953a0e185c4eefa2f88ad
• https://github.com/freifunk-gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw
• https://lists.debian.org/debian-lts-announce/2022/05/msg00007.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4AKQH5WCBMJA3ODCSNERY6HVX4BX3ITG
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/messa
• CWE-347: Improper Verification of Cryptographic Signature
CVE-2022-27337 – poppler: A logic error in the Hints::Hints function can cause denial of service
https://notcve.org/view.php?id=CVE-2022-27337
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
A logic error was found in Poppler's Hints::Hints function in the Hints.cc file. This flaw allows an attacker to trick a user into opening a crafted PDF file in the pdftops utility, which causes the program to hang for a long time, leading to a denial of service.
• https://gitlab.freedesktop.org/poppler/poppler/-/issues/1230
• https://gitlab.freedesktop.org/poppler/poppler/-/issues/1230#note_1372177
• https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KOTDUXJOKDYO4I7MKHLT5NBGTN5E7FHQ
• https://www.debian.org/security/2022/dsa-5224
• https://access.redhat.com/security/cve/CVE-2022-27337
• https://bugzilla.redhat.com/show_bug.cgi?id=2087190
• CWE-1173: Improper Use of Validation Framework
CVE-2022-1516
https://notcve.org/view.php?id=CVE-2022-1516
A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continues to use this connection. This flaw allows a local user to crash the system.
• http://www.openwall.com/lists/oss-security/2022/06/19/1
• https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7781607938c8
• https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html
• https://www.debian.org/security/2022/dsa-5173
• CWE-416: Use After Free
• CWE-476: NULL Pointer Dereference