Page 48 of 1100 results (0.012 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2022-2284 – Heap-based Buffer Overflow in vim/vim

https://notcve.org/view.php?id=CVE-2022-2284

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. Un Desbordamiento del Búfer en la Región Heap de la Memoria en el repositorio de GitHub vim/vim versiones anteriores a 9.0 • https://github.com/vim/vim/commit/3d51ce18ab1be4f9f6061568a4e7fabf00b21794 https://huntr.dev/bounties/571d25ce-8d53-4fa0-b620-27f2a8a14874 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/202305-16 • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 1

CVE-2022-2287 – Out-of-bounds Read in vim/vim

https://notcve.org/view.php?id=CVE-2022-2287

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. Una Lectura Fuera de Límites en el repositorio GitHub vim/vim versiones anteriores a 9.0 • https://github.com/vim/vim/commit/5e59ea54c0c37c2f84770f068d95280069828774 https://huntr.dev/bounties/654aa069-3a9d-45d3-9a52-c1cf3490c284 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/202305-16 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2022-2286 – Out-of-bounds Read in vim/vim

https://notcve.org/view.php?id=CVE-2022-2286

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. Una Lectura Fuera de Límites en el repositorio de GitHub vim/vim versiones anteriores a 9.0 • https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/202305-16 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2

CVE-2022-34903 – gpg: Signature spoofing via status line injection

https://notcve.org/view.php?id=CVE-2022-34903

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. GnuPG versiones hasta 2.3.6, en situaciones inusuales en las que un atacante posee cualquier información de clave secreta del llavero de la víctima y son cumplidos en otras restricciones (por ejemplo, el uso de GPGME), permite una falsificación de firmas por medio de la inyección en la línea de estado A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the write_status_text_and_buffer() function in g10/cpr.c. This flaw allows a malicious actor to bypass access control. • http://www.openwall.com/lists/oss-security/2022/07/02/1 https://bugs.debian.org/1014157 https://dev.gnupg.org/T6027 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL https://lists.fedoraproject.org/archives • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 3

CVE-2022-33099 – lua: heap buffer overflow in luaG_errormsg() in ldebug.c due to uncontrolled recursion in error handling

https://notcve.org/view.php?id=CVE-2022-33099

An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs. Un problema en el componente luaG_runerror de Lua versiones v5.4.4 y posteriores, conlleva a un desbordamiento del búfer de la pila cuando es producido un error recursivo A vulnerability was found in Lua. During error handling, the luaG_errormsg() component uses slots from EXTRA_STACK. Some errors can recur such as a string overflow while creating an error message in 'luaG_runerror', or a C-stack overflow before calling the message handler, causing a crash that leads to a denial of service. • https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RJNJ66IFDUKWJJZXHGOLRGIA3HWWC36R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHYZOEFDVLVAD6EEP4CDW6DNONIVVHPA https://lua-users.org/lists/lua-l/2022-05/msg00035.html https://lua-users.org/lists/lua-l/2022-05/msg00042.html https://lua-users.org/lists/lua-l/2022-05/msg00073.html https://www.lua.org/ • CWE-787: Out-of-bounds Write •