CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2021-46667 – mariadb: Integer overflow in sql_lex.cc integer leading to crash
https://notcve.org/view.php?id=CVE-2021-46667
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. MariaDB versiones anteriores a 10.6.5, presenta un desbordamiento de enteros en el archivo sql_lex.cc, conllevando a un bloqueo de la aplicación An integer overflow vulnerability was found in MariaDB, where an invalid size of ref_pointer_array is allocated. This issue results in a denial of service. • https://jira.mariadb.org/browse/MDEV-26350 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2021-46668 – mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements
https://notcve.org/view.php?id=CVE-2021-46668
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. MariaDB versiones hasta 10.5.9, permite un bloqueo de la aplicación por medio de determinadas sentencias SELECT DISTINCT largas que interactúan inapropiadamente con las limitaciones de recursos del motor de almacenamiento para las estructuras de datos temporales • https://jira.mariadb.org/browse/MDEV-25787 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0417 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0417
Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. Un desbordamiento de búfer basado en Heap Repositorio de GitHub vim/vim anterior a 8.2 • https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP https://secur • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.9EPSS: 18%CPEs: 42EXPL: 3CVE-2021-44142 – Samba fruit_pwrite Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. El módulo vfs_fruit de Samba usa atributos de archivo extendidos (EA, xattr) para proporcionar "...compatibilidad mejorada con los clientes SMB de Apple e interoperabilidad con un servidor de archivos AFP de Netatalk 3". Samba versiones anteriores a 4.13.17, 4.14.12 y 4.15.5 con vfs_fruit configurado permiten una lectura y escritura fuera de límites de la pila por medio de atributos de archivo extendidos especialmente diseñados. • https://github.com/horizon3ai/CVE-2021-44142 https://github.com/gudyrmik/CVE-2021-44142 https://github.com/hrsman/Samba-CVE-2021-44142 https://bugzilla.samba.org/show_bug.cgi?id=14914 https://kb.cert.org/vuls/id/119678 https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2021-44142.html https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin https://access.redhat&# • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 3CVE-2022-24130
https://notcve.org/view.php?id=CVE-2022-24130
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. xterm versiones hasta el Parche 370, cuando el soporte Sixel está habilitado, permite a atacantes desencadenar un desbordamiento de búfer en el archivo set_sixel en graphics_sixel.c por medio de texto diseñado • https://invisible-island.net/xterm/xterm.log.html https://lists.debian.org/debian-lts-announce/2022/02/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BP5Y4O7WBNLV24D22E6LE7RQFYOUVD2U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4CWYYEBT6AJRJBBQU2KLUOQDHRM7WAV https://security.gentoo.org/glsa/202208-22 https://twitter.com/nickblack/status/1487731459398025216 https://www.openwall.com/lists/oss-security/2022/01/30/ • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •