CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2022-24576 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2022-24576
14 Mar 2022 — GPAC versión 1.0.1, está afectado por un Uso de Memoria Previamente Liberada mediante MP4Box Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/issues/2061 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-24575 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2022-24575
14 Mar 2022 — GPAC versión 1.0.1,está afectado por un desbordamiento del búfer en la región stack de la memoria mediante MP4Box Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/issues/2058 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2022-24577 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2022-24577
14 Mar 2022 — (gf_utf8_wcslen es una función Unicode utf8_wcslen renombrada) Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/blob/105d67985ff3c3f4b98a98f312e3d84ae77a4463/share/doc/man/gpac.1#L2226-L2229 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-24574 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2022-24574
14 Mar 2022 — GPAC versión 1.0.1, está afectado por una desreferencia de puntero NULL en la función gf_dump_vrml_field.isra() Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://huntr.dev/bounties/a08437cc-25aa-4116-8069-816f78a2247c • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-20001 – Injection in fish
https://notcve.org/view.php?id=CVE-2022-20001
14 Mar 2022 — fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. ... Como medida de mitigación, elimina la función "fish_git_prompt" del prompt An arbitrary code execution vulnerability was disovered in fish, a command line shell. • https://github.com/fish-shell/fish-shell/pull/8589 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-24578 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2022-24578
14 Mar 2022 — GPAC versión 1.0.1, está afectado por un desbordamiento de búfer en la región heap de la memoria en la función SFS_AddString() en el archivo bifs/script_dec.c Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://huntr.dev/bounties/1691cca3-ab54-4259-856b-751be2395b11 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-26967 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2022-26967
12 Mar 2022 — Puede desencadenarse por medio de MP4Box Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. • https://github.com/gpac/gpac/issues/2138 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 92EXPL: 0CVE-2022-24421
https://notcve.org/view.php?id=CVE-2022-24421
11 Mar 2022 — A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. • https://www.dell.com/support/kbdoc/en-us/000197057/dsa-2022-053 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.2EPSS: 0%CPEs: 92EXPL: 0CVE-2022-24420
https://notcve.org/view.php?id=CVE-2022-24420
11 Mar 2022 — A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. • https://www.dell.com/support/kbdoc/en-us/000197057/dsa-2022-053 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.2EPSS: 0%CPEs: 92EXPL: 0CVE-2022-24419
https://notcve.org/view.php?id=CVE-2022-24419
11 Mar 2022 — A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. • https://www.dell.com/support/kbdoc/en-us/000197057/dsa-2022-053 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •