CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2021-3700
https://notcve.org/view.php?id=CVE-2021-3700
A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination. Se ha encontrado una vulnerabilidad de uso de memoria previamente liberada en usbredir en versiones anteriores a 0.11.0, en la función usbredirparser_serialize() en el archivo usbredirparser/usbredirparser.c. Este problema es producido cuando son serializados grandes cantidades de datos de escritura en búfer en el caso de un destino lento o bloqueado • https://bugzilla.redhat.com/show_bug.cgi?id=1992830 https://gitlab.freedesktop.org/spice/usbredir/-/commit/03c519ff5831ba https://lists.debian.org/debian-lts-announce/2022/03/msg00030.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-3596
https://notcve.org/view.php?id=CVE-2021-3596
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. Se ha encontrado un fallo de desreferencia de puntero NULL en ImageMagick en versiones anteriores a 7.0.10-31 en la función ReadSVGImage() en el archivo coders/svg.c. Este problema es debido a que no es comprobado el valor de retorno de xmlCreatePushParserCtxt() de libxml2 y es usado el valor directamente, conllevando a un fallo de bloqueo y segmentación • https://bugzilla.redhat.com/show_bug.cgi?id=1970569 https://github.com/ImageMagick/ImageMagick/issues/2624 https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0529
https://notcve.org/view.php?id=CVE-2022-0529
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en Unzip. La vulnerabilidad se produce durante la conversión de una cadena amplia a una cadena local que conduce a un montón de escritura fuera de límites. • https://bugzilla.redhat.com/show_bug.cgi?id=2051395 https://github.com/ByteHackr/unzip_poc https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html https://security.gentoo.org/glsa/202310-17 https://www.debian.org/security/2022/dsa-5202 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 23EXPL: 1CVE-2022-0530
https://notcve.org/view.php?id=CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en Unzip. La vulnerabilidad se produce durante la conversión de una cadena amplia a una cadena local que conduce a un montón de escritura fuera de límites. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://bugzilla.redhat.com/show_bug.cgi?id=2051395 https://github.com/ByteHackr/unzip_poc https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html https://security.gentoo.org/glsa/202310-17 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://www. •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 3CVE-2021-45417 – aide: heap-based buffer overflow on outputs larger than B64_BUF
https://notcve.org/view.php?id=CVE-2021-45417
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. AIDE versiones anteriores a 0.17.4, permite a usuarios locales obtener privilegios de root por medio de metadatos de archivo diseñados (como atributos extendidos de XFS o ACLs de tmpfs), debido a un desbordamiento de búfer en la región heap de la memoria A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large (<16k) extended file attributes or ACL. • http://www.openwall.com/lists/oss-security/2022/01/20/3 https://lists.debian.org/debian-lts-announce/2022/01/msg00024.html https://security.gentoo.org/glsa/202311-07 https://www.debian.org/security/2022/dsa-5051 https://www.ipi.fi/pipermail/aide/2022-January/001713.html https://www.openwall.com/lists/oss-security/2022/01/20/3 https://access.redhat.com/security/cve/CVE-2021-45417 https://bugzilla.redhat.com/show_bug.cgi?id=2041489 • CWE-787: Out-of-bounds Write •