CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27406 – Freetype: Segmentation violation via FT_Request_Size
https://notcve.org/view.php?id=CVE-2022-27406
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. Se ha detectado que el commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 de FreeType contenía una violación de segmentación por medio de la función FT_Request_Size A segmentation fault was found in FreeType’s FT_Request_Size() function in the ftobjs.c file. This flaw allows an attacker to access a memory location in a way that could cause an application to halt or crash, leading to a denial of service. • http://freetype.com https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/me • CWE-125: Out-of-bounds Read CWE-824: Access of Uninitialized Pointer •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 11CVE-2022-1015
https://notcve.org/view.php?id=CVE-2022-1015
A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. Se ha encontrado un fallo en el kernel de Linux en el archivo linux/net/netfilter/nf_tables_api.c del subsistema netfilter. Este fallo permite a un usuario local causar un problema de escritura fuera de límites • https://github.com/pqlx/CVE-2022-1015 https://github.com/ysanatomic/CVE-2022-1015 https://github.com/0range1337/CVE-2022-1015 https://github.com/more-kohii/CVE-2022-1015 https://github.com/delsploit/CVE-2022-1015 https://github.com/wlswotmd/CVE-2022-1015 https://github.com/pivik271/CVE-2022-1015 https://github.com/zanezhub/CVE-2022-1015-1016 http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016 http://packetstormsecurity.com/files/16995 • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1420 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. Uso de Offset de Puntero Fuera de Rango en el repositorio GitHub vim/vim versiones anteriores a 8.2.4774 A vulnerability was found in Vim. The issue occurs when using a number in a string for the lambda name, triggering an out-of-range pointer offset vulnerability. This flaw allows an attacker to trick a user into opening a crafted script containing an argument as a number and then using it as a string pointer to access any memory location, causing an application to crash and possibly access some memory. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca https://huntr.dev/bounties/a4323ef8-90ea-4e1c-90e9-c778f0ecf326 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU https://security.gentoo.org/glsa/202208-32 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-29536
https://notcve.org/view.php?id=CVE-2022-29536
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. En GNOME Epiphany versiones anteriores a 41.4 y versiones 42.x anteriores a 42.2, un documento HTML puede desencadenar un desbordamiento del búfer del cliente (en ephy_string_shorten en el proceso de la interfaz de usuario) por medio de un título de página largo. El problema es producido porque el número de bytes para un carácter de elipsis UTF-8 no es considerado apropiadamente • https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1106 https://lists.debian.org/debian-lts-announce/2022/08/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLLDMY4JYDZTMZSCPSY23K5YW3SQYUR6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7YWVIUGFRA6GOE3QAPSJJ6EL3DJG5NX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5K5UPNHVWXDPSMBNSB2645MD2N5CXQS https://www.debian.org/security/ • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-24675 – golang: encoding/pem: fix stack overflow in Decode
https://notcve.org/view.php?id=CVE-2022-24675
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. encoding/pem en Go versiones anteriores a 1.17.9 y versiones 1.8.x anteriores a 1.8.1 tiene un desbordamiento de pila Decode a través de una gran cantidad de datos PEM. A buffer overflow flaw was found in Golang's library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability. • https://github.com/jfrog/jfrog-CVE-2022-24675 https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/oecdBNLOml8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY https://lists.fedoraproject.org/archives/list/package-announce% • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-674: Uncontrolled Recursion •