CVE-2022-3134 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-3134
Use After Free in GitHub repository vim/vim prior to 9.0.0389.
• https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://security.gentoo.org/glsa/202305-16
• CWE-416: Use After Free
CVE-2022-38750 – DoS in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-38750
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow.
A flaw was found in the snakeyaml package due to a stack overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could cause the application to crash.
• https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47027 https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html https://security.gentoo.org/glsa/202305-28 https://security.netapp.com/advisory/ntap-20240315-0010 https://access.redhat.com/security/cve/CVE-2022-38750 https://bugzilla.redhat.com/show_bug.cgi?id=2129707
• CWE-121: Stack-based Buffer Overflow, CWE-787: Out-of-bounds Write
CVE-2022-38749 – DoS in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-38749
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow.
A flaw was found in the snakeyaml package due to a stack overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
• https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024 https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html https://security.gentoo.org/glsa/202305-28 https://security.netapp.com/advisory/ntap-20240315-0010 https://access.redhat.com/security/cve/CVE-2022-38749 https://bugzilla.redhat.com/show_bug.cgi?id=2129706
• CWE-121: Stack-based Buffer Overflow, CWE-787: Out-of-bounds Write
CVE-2022-38751 – DoS in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-38751
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow.
A flaw was found in the snakeyaml package due to a stack overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could cause the application to crash.
• https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039 https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html https://security.gentoo.org/glsa/202305-28 https://security.netapp.com/advisory/ntap-20240315-0010 https://access.redhat.com/security/cve/CVE-2022-38751 https://bugzilla.redhat.com/show_bug.cgi?id=2129709
• CWE-121: Stack-based Buffer Overflow, CWE-787: Out-of-bounds Write
CVE-2022-39842
https://notcve.org/view.php?id=CVE-2022-39842
An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen.
• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19 https://github.com/torvalds/linux/commit/a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7 https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://lore.kernel.org/all/YylaC1wHHyLw22D3%40kadam/T https://www.debian.org/security/2022/dsa-5257
• CWE-190: Integer Overflow or Wraparound