Page 147 of 852 results (0.014 seconds)

CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 2

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. • https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html https://github.com/rust-lang/rust/pull/93110 https://github.com/rust-lang/rust/pull/93110/commits/32ed6e599bb4722efefd78bbc9cd7ec4613cb946 https://github.com/rust-lang/rust/pull/93110/commits/406cc071d6cfdfdb678bf3d83d766851de95abaf https://github.com/rust-lang/rust/pull/93110/commits/4f0ad1c92ca08da6e8dc17838070975762f59714 https://github.com/rust-lang/rust/security/advisories/GHSA-r9cc-f5pr-p3j2 https://lists.fedoraproject.org/archives/list/package-announc • CWE-363: Race Condition Enabling Link Following CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento de Búfer en la región Heap de la memoria en el repositorio GitHub vim/vim versiones anteriores a 8.2 A heap based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user to open a crafted file triggering an out-of-bounds write. This vulnerability is capable of crashing software, modify memory, and possible code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213444&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 1

vim is vulnerable to Use After Free vim es vulnerable a un Uso de Memoria Previamente Liberada • http://seclists.org/fulldisclosure/2022/Jul/13 http://seclists.org/fulldisclosure/2022/Mar/29 http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2X • CWE-416: Use After Free •

CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 1

vim is vulnerable to Heap-based Buffer Overflow vim es vulnerable a un Desbordamiento del Búfer en la región Heap de la Memoria • http://seclists.org/fulldisclosure/2022/Jul/13 http://seclists.org/fulldisclosure/2022/Mar/29 http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39 https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2X • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 1

vim is vulnerable to Out-of-bounds Read vim es vulnerable a una Lectura Fuera de Límites. It was found that vim was vulnerable to an out-of-bound read flaw in getvcol(). A specially crafted file could be used to, when opened in vim, disclose some of the process's internal memory. • http://seclists.org/fulldisclosure/2022/Jul/14 http://seclists.org/fulldisclosure/2022/Mar/29 http://seclists.org/fulldisclosure/2022/May/35 http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedora • CWE-125: Out-of-bounds Read •