CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26708 – Apple Security Advisory 2022-05-16-2
https://notcve.org/view.php?id=CVE-2022-26708
17 May 2022 — Un atacante puede causar la terminación inesperada de la aplicación o una ejecución de código arbitrario macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213257 •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2022-26711 – Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26711
17 May 2022 — An integer overflow issue was addressed with improved input validation. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before reading from memory. An attacker can leverage this vulnerability to execute code in the context of the current process. macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, o... • https://support.apple.com/en-us/HT213253 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26712 – Apple Security Advisory 2022-05-16-2
https://notcve.org/view.php?id=CVE-2022-26712
17 May 2022 — Una aplicación maliciosa puede ser capaz de modificar partes protegidas del sistema de archivos macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213256 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1728 – Allowing long password leads to denial of service in polonel/trudesk in polonel/trudesk
https://notcve.org/view.php?id=CVE-2022-1728
16 May 2022 — Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. Permitiendo una contraseña larga conlleva a una denegación de servicio en polonel/trudesk en el repositorio de GitHub polonel/trudesk versiones anteriores a 1.2.2. Esta vulnerabilidad puede ser abusada al hacer un ataque DDoS por el cual usuarios genuinos no pod... • https://github.com/polonel/trudesk/commit/e836d04d16787c2c9c72e7bf011cf396d1f73c19 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1718 – The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in polonel/trudesk
https://notcve.org/view.php?id=CVE-2022-1718
16 May 2022 — The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service. La aplicación trudesk permite insertar caracteres grandes en el campo de entrada "Full Name" en el campo de registro, lo que puede permitir a atacantes causar una Denegación de Servicio (DoS) por medio de una petición HTTP dis... • https://github.com/polonel/trudesk/commit/87e231e04495fb705fe1e03cb56fc4136bafe895 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-28937
https://notcve.org/view.php?id=CVE-2022-28937
15 May 2022 — FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests. Se ha detectado que FISCO-BCOS versión 3.0.0-rc2, contiene un problema por el que un nodo malicioso, por medio de una propuesta con un encabezado no válido, causará que los nodos normales dejen de producir nuevos bloques y de procesar las peticiones de los nuevos clientes • https://github.com/FISCO-BCOS/FISCO-BCOS/issues/2312 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28936
https://notcve.org/view.php?id=CVE-2022-28936
15 May 2022 — FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node can trigger an integer overflow and cause a Denial of Service (DoS) via an unusually large viewchange message packet. • https://github.com/FISCO-BCOS/FISCO-BCOS/issues/2307 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1698 – Allowing long password leads to denial of service in causefx/organizr
https://notcve.org/view.php?id=CVE-2022-1698
12 May 2022 — Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. Permitir una contraseña larga conlleva a una denegación de servicio en el repositorio GitHub causefx/organizr versiones anteriores a 2.1.2000. Esta vulnerabilidad puede ser abusada al hacer un ataque DDoS para que usuarios genuinos no puedan acceder a recursos/aplicaciones • https://github.com/causefx/organizr/commit/e4b4cff66c526f7b5bbaef0073c92c315c29bd56 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1699 – Uncontrolled Resource Consumption in causefx/organizr
https://notcve.org/view.php?id=CVE-2022-1699
12 May 2022 — Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. Un Consumo no Controlado de Recursos en el repositorio GitHub causefx/organizr versiones anteriores a 2.1.2000. Esta vulnerabilidad puede ser abusada al hacer un ataque DDoS por el cual usuarios genuinos no podrán acceder a recursos/aplicaciones • https://github.com/causefx/organizr/commit/e4b4cff66c526f7b5bbaef0073c92c315c29bd56 • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-33315
https://notcve.org/view.php?id=CVE-2021-33315
11 May 2022 — The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. ... Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. • https://www.trendnet.com/support/view.asp?cat=4&id=81 • CWE-20: Improper Input Validation •