CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-46022
https://notcve.org/view.php?id=CVE-2021-46022
An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. Una vulnerabilidad de Uso de Memoria Previamente Liberada en la función rec_mset_elem_destroy() en el archivo rec-mset.c de GNU Recutils v1.8.90, puede conllevar a un fallo de segmentación o un fallo de la aplicación • https://github.com/gnu-mirror-unofficial/recutils/commit/34b75ed7ad492c8e38b669ebafe0176f1f9992d2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDVOFC3HTBG7DF2PZTEXRMG4CV2F55UF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00007.html https://nvd.nist.gov/vuln/detail/CVE-2021-46022 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1CVE-2022-23218 – glibc: Stack-based buffer overflow in svcunix_create via long pathnames
https://notcve.org/view.php?id=CVE-2022-23218
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. La función de compatibilidad obsoleta svcunix_create en el módulo sunrpc de la Biblioteca C de GNU (también conocida como glibc) hasta la versión 2.34 copia su argumento de ruta en la pila sin comprobar su longitud, lo que puede resultar en un desbordamiento del búfer, resultando potencialmente en una denegación de servicio o (si una aplicación no está construida con un protector de pila habilitado) la ejecución de código arbitrario A stack based buffer-overflow vulnerability was found in the deprecated compatibility function svcunix_create() in the sunrpc's svc_unix.c module of the GNU C Library (aka glibc) through 2.34. This vulnerability copies its path argument onto the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) then it will lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://security.gentoo.org/glsa/202208-24 https://sourceware.org/bugzilla/show_bug.cgi?id=28768 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-23218 https://bugzilla.redhat.com/show_bug.cgi?id=2042013 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 1CVE-2022-23219 – glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
https://notcve.org/view.php?id=CVE-2022-23219
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. La función de compatibilidad obsoleta clnt_create en el módulo sunrpc de la Biblioteca C de GNU (también se conoce como glibc) versiones hasta 2.34, copia su argumento de nombre de host en la pila sin comprobar su longitud, que puede resultar en un desbordamiento de búfer, resultando potencialmente en una denegación de servicio o (si una aplicación no está construida con un protector de pila habilitado) la ejecución de código arbitrario A stack based buffer-overflow vulnerability was found in the deprecated compatibility function clnt_create() in the sunrpc's clnt_gen.c module of the GNU C Library (aka glibc) through 2.34. This vulnerability copies its hostname argument onto the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://security.gentoo.org/glsa/202208-24 https://sourceware.org/bugzilla/show_bug.cgi?id=22542 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-23219 https://bugzilla.redhat.com/show_bug.cgi?id=2042017 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-46019
https://notcve.org/view.php?id=CVE-2021-46019
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. Una desreferencia de puntero no confiable en la función rec_db_destroy() del archivo rec-db.c de GNU Recutils versión v1.8.90, puede conllevar a un fallo de segmentación o un fallo de la aplicación • https://github.com/gnu-mirror-unofficial/recutils/commit/34b75ed7ad492c8e38b669ebafe0176f1f9992d2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDVOFC3HTBG7DF2PZTEXRMG4CV2F55UF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00009.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-45950
https://notcve.org/view.php?id=CVE-2021-45950
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). LibreDWG versiones 0.12.4.4313 hasta 0.12.4.4367, presenta una escritura fuera de límites en la función dwg_free_BLOCK_private (llamada desde dwg_free_BLOCK y dwg_free_object). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34766 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2021-814.yaml • CWE-787: Out-of-bounds Write •