CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0216 – Invalid pointer dereference in d2i_PKCS7 functions
https://notcve.org/view.php?id=CVE-2023-0216
07 Feb 2023 — An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data. A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when a... • https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4450 – Double free after calling PEM_read_bio_ex
https://notcve.org/view.php?id=CVE-2022-4450
07 Feb 2023 — The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will popula... • https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-40617 – Gentoo Linux Security Advisory 202405-08
https://notcve.org/view.php?id=CVE-2022-40617
04 Oct 2022 — strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. strongSwan anterior a 5.9.8 permite a atacantes remotos provocar una Denegación de Servicio en el complemento d... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3GAYIOCSLU57C45CO4UE4IV4JZE4W3L • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-27812
https://notcve.org/view.php?id=CVE-2022-27812
24 Aug 2022 — Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS. Inundar las versiones 3.7.0 a 3.7.29, 3.11.0 a 3.11.17, 4.2.0 a 4.2.10, y 4.3.0 a 4.3.6 del cortafuegos SNS con tráfico forjado específico, puede conducir a un DoS SNS • https://advisories.stormshield.eu/2022-009 •
CVSS: 10.0EPSS: 92%CPEs: 31EXPL: 5CVE-2022-37434 – zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
https://notcve.org/view.php?id=CVE-2022-37434
05 Aug 2022 — zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). zlib versiones hasta 1.2.12, presenta una lectura excesiva de búfer en la región heap de la memoria o desbordamiento de búfer en el archivo inflate.c por medio de un cam... • https://github.com/xen0bit/CVE-2022-37434_poc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 89%CPEs: 15EXPL: 1CVE-2022-32213 – nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding
https://notcve.org/view.php?id=CVE-2022-32213
14 Jul 2022 — The llhttp parser
CVSS: 6.5EPSS: 68%CPEs: 9EXPL: 1CVE-2022-32214 – nodejs: HTTP request smuggling due to improper delimiting of header fields
https://notcve.org/view.php?id=CVE-2022-32214
14 Jul 2022 — The llhttp parser
CVSS: 6.5EPSS: 87%CPEs: 16EXPL: 1CVE-2022-32215 – nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding
https://notcve.org/view.php?id=CVE-2022-32215
14 Jul 2022 — The llhttp parser
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30279
https://notcve.org/view.php?id=CVE-2022-30279
12 May 2022 — An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash. Se ha detectado un problema en Stormshield Network Security (SNS) versiones 4.3.x anteriores a 4.3.8. El registro de eventos del complemento ASQ sofbus lacbus desencadena una desreferencia de puntero NU... • https://advisories.stormshield.eu/2022-015 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-23989
https://notcve.org/view.php?id=CVE-2022-23989
15 Mar 2022 — In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the blocking of almost all network traffic, making the firewall unreachable. An attacker could exploit this via forged and properly timed traffic to cause a denial of service. En Stormshield Network Security (SNS) antes de la versión 3.7.25, de la 3.8.x a la 3.... • https://advisories.stormshield.eu/2022-003 •