CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-21885 – Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent
https://notcve.org/view.php?id=CVE-2024-21885
17 Jan 2024 — A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments. Se encontró una falla en el servidor X.Org. En la función XISendDeviceHierarchyEvent, es posible exceder la longitud de la matriz asignada cuando se agregan cier... • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2024-21886 – Xorg-x11-server: heap buffer overflow in disabledevice
https://notcve.org/view.php?id=CVE-2024-21886
17 Jan 2024 — A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. Se encontró una falla de desbordamiento de búfer de almacenamiento dinámico en la función DisableDevice en el servidor X.Org. Este problema puede provocar un bloqueo de la aplicación o, en algunas circunstancias, la ejecución remota de código en entornos de reenvío SSH X11. This vulnerability ... • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 42EXPL: 0CVE-2023-5388 – nss: timing attack against RSA decryption
https://notcve.org/view.php?id=CVE-2023-5388
10 Jan 2024 — NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. NSS era susceptible a un ataque de canal lateral de sincronización al realizar el descifrado RSA. Este ataque podría permitir potencialmente que un atacante recupere los datos privados. • https://bugzilla.mozilla.org/show_bug.cgi?id=1780432 • CWE-208: Observable Timing Discrepancy •
CVSS: 7.0EPSS: 0%CPEs: 35EXPL: 0CVE-2023-51779 – kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg
https://notcve.org/view.php?id=CVE-2023-51779
25 Dec 2023 — bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. bt_sock_recvmsg en net/bluetooth/af_bluetooth.c en el kernel de Linux hasta 6.6.8 tiene un use-after-free debido a una condición de ejecución bt_sock_ioctl. A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the bt_sock_recvmsg() and bt_sock_ioctl() functions could lead to a use-after-free on a socket buffer ("skb"). This fla... • https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 39EXPL: 0CVE-2023-44446 – GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44446
15 Nov 2023 — GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://gstreamer.freedesktop.org/security/sa-2023-0010.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2023-40474 – GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-40474
27 Sep 2023 — GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before al... • https://gstreamer.freedesktop.org/security/sa-2023-0006.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2023-40475 – GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-40475
27 Sep 2023 — GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before al... • https://gstreamer.freedesktop.org/security/sa-2023-0007.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2023-40476 – GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-40476
27 Sep 2023 — GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H265 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it ... • https://gstreamer.freedesktop.org/security/sa-2023-0008.html • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 29EXPL: 0CVE-2023-37328 – GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-37328
06 Jul 2023 — GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to ... • https://gstreamer.freedesktop.org/security/sa-2023-0003.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 28EXPL: 0CVE-2022-31631 – php: PDO:: quote() may return unquoted string due to an integer overflow
https://notcve.org/view.php?id=CVE-2022-31631
23 Jan 2023 — A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place. php: PDO::quote() may return unquoted string due to an integer overflow • https://access.redhat.com/security/cve/CVE-2022-31631 • CWE-190: Integer Overflow or Wraparound •