CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-2285 – Integer Overflow or Wraparound in vim/vim
https://notcve.org/view.php?id=CVE-2022-2285
02 Jul 2022 — Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. Un Desbordamiento de Enteros o Wraparound en el repositorio de GitHub vim/vim versiones anteriores a 9.0 It was discovered that Vim incorrectly handled memory when opening certain files. • https://github.com/vim/vim/commit/27efc62f5d86afcb2ecb7565587fe8dea4b036fe • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2226 – Mozilla: An email with a mismatching OpenPGP signature date was accepted as valid
https://notcve.org/view.php?id=CVE-2022-2226
01 Jul 2022 — Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities. • https://bugzilla.mozilla.org/show_bug.cgi?id=1775441 • CWE-294: Authentication Bypass by Capture-replay CWE-357: Insufficient UI Warning of Dangerous Operations •
CVSS: 6.5EPSS: 0%CPEs: 33EXPL: 2CVE-2022-32206 – curl: HTTP compression denial of service
https://notcve.org/view.php?id=CVE-2022-32206
28 Jun 2022 — Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://github.com/HimanshuS67/external_curl_AOSP10_CVE-2022-32206 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34481 – Mozilla: Potential integer overflow in ReplaceElementsAt
https://notcve.org/view.php?id=CVE-2022-34481
28 Jun 2022 — In the nsTArray_Impl::ReplaceElementsAt() function, an integer overflow could have occurred when the number of elements to replace was too large for the container. ... The Mozilla Foundation Security Advisory describes this flaw as: In the `nsTArray_Impl::ReplaceElementsAt()` function, where an integer overflow could occur when the number of elements to replace was too large for the container. ... Issues addressed include bypass, integer overflow, and u... • https://bugzilla.mozilla.org/show_bug.cgi?id=1497246 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34470 – Mozilla: Use-after-free in nsSHistory
https://notcve.org/view.php?id=CVE-2022-34470
28 Jun 2022 — Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities. • https://bugzilla.mozilla.org/show_bug.cgi?id=1765951 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2200 – Mozilla: Undesired attributes could be set as part of prototype pollution
https://notcve.org/view.php?id=CVE-2022-2200
28 Jun 2022 — Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities. • https://bugzilla.mozilla.org/show_bug.cgi?id=1771381 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.9EPSS: 0%CPEs: 22EXPL: 1CVE-2022-32208 – curl: FTP-KRB bad message verification
https://notcve.org/view.php?id=CVE-2022-32208
28 Jun 2022 — Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-787: Out-of-bounds Write CWE-840: Business Logic Errors CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34468 – Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI
https://notcve.org/view.php?id=CVE-2022-34468
28 Jun 2022 — Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities. • https://bugzilla.mozilla.org/show_bug.cgi?id=1768537 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34472 – Mozilla: Unavailable PAC file resulted in OCSP requests being blocked
https://notcve.org/view.php?id=CVE-2022-34472
28 Jun 2022 — Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities. • https://bugzilla.mozilla.org/show_bug.cgi?id=1770123 • CWE-393: Return of Wrong Status Code •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-34479 – Mozilla: A popup window could be resized in a way to overlay the address bar with web content
https://notcve.org/view.php?id=CVE-2022-34479
28 Jun 2022 — Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities. • https://bugzilla.mozilla.org/show_bug.cgi?id=1745595 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •