CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28733 – Integer underflow in grub_net_recv_ip4_packets
https://notcve.org/view.php?id=CVE-2022-28733
20 Jun 2022 — Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer. A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a mali... • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-42586
https://notcve.org/view.php?id=CVE-2021-42586
23 May 2022 — A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. Se ha detectado un desbordamiento del búfer de la pila en la función copy_bytes en el archivo decode_r2007.c en dwgread versiones anteriores a 0.12.4 por medio de un archivo dwg diseñado • https://github.com/LibreDWG/libredwg/issues/350 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-42585
https://notcve.org/view.php?id=CVE-2021-42585
23 May 2022 — A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. Se ha detectado un desbordamiento del búfer de la pila en la función copy_compressed_bytes en el archivo decode_r2007.c en dwgread versiones anteriores a 0.12.4, por medio de un archivo dwg manipulado • https://github.com/LibreDWG/libredwg/issues/351 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2022-29458 – Ubuntu Security Notice USN-6099-1
https://notcve.org/view.php?id=CVE-2022-29458
18 Apr 2022 — ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. ncurses versiones 6.3 anteriores al parche 20220416, presentan una lectura fuera de límites y una violación de segmentación en el archivo convert_strings en tinfo/read_entry.c en la biblioteca terminfo It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 7%CPEs: 3EXPL: 0CVE-2022-1271 – Tukaani XZ Utils xzgrep Argument Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-1271
12 Apr 2022 — An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep... • https://access.redhat.com/security/cve/CVE-2022-1271 • CWE-20: Improper Input Validation CWE-179: Incorrect Behavior Order: Early Validation CWE-1173: Improper Use of Validation Framework •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2022-25309 – fribidi: Heap-buffer-overflow in fribidi_cap_rtl_to_unicode
https://notcve.org/view.php?id=CVE-2022-25309
07 Apr 2022 — A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service. Se ha encontrado un fallo de desbordamiento de búfer en la región heap de la memoria en el paquete Fribidi y afecta a la función fribidi_cap_rtl_to_unicode() del archivo fribidi-cha... • https://access.redhat.com/security/cve/CVE-2022-25309 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2022-25310 – fribidi: SEGV in fribidi_remove_bidi_marks
https://notcve.org/view.php?id=CVE-2022-25310
07 Apr 2022 — A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. Se ha encontrado un fallo de segmentación (SEGV) en el paquete Fribidi que afecta a la función fribidi_remove_bidi_marks() del archivo lib/fribidi.c. Este fallo permite a un atacante pasar un archivo especialmente diseñado a Fribidi, conlle... • https://access.redhat.com/security/cve/CVE-2022-25310 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2022-25308 – fribidi: Stack based buffer overflow
https://notcve.org/view.php?id=CVE-2022-25308
07 Apr 2022 — A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. Se ha encontrado un fallo de desbordamiento del búfer en la región stack de la memoria en el paquete Fribidi. Este fallo permite a un atacante pasar un archivo especialmente diseñado a la aplicación Fribidi, lo que conlleva a una posible pérdida de memoria o una denegación de servicio. Jura... • https://access.redhat.com/security/cve/CVE-2022-25308 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-27943
https://notcve.org/view.php?id=CVE-2022-27943
26 Mar 2022 — libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. El archivo libiberty/rust-demangle.c en GNU GCC versión 11.2, permite un consumo de pila en demangle_const, como lo demuestra nm-new • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 • CWE-674: Uncontrolled Recursion •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 1CVE-2021-46705 – grub2-once uses fixed file name in /var/tmp
https://notcve.org/view.php?id=CVE-2021-46705
16 Mar 2022 — A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1. Una vulnerabilidad de Archivos Temporales no Seguros en grub-once de grub2 en SUSE Linux Enterprise Server 15 SP4, openSUSE Factory permite a atacantes locales truncar archivos arbitrario... • https://bugzilla.suse.com/show_bug.cgi?id=1190474 • CWE-377: Insecure Temporary File •