Page 98 of 703 results (0.019 seconds)

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1

Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call. Desbordamiento de búfer basado en heap en sqbaselib.cpp en SQUIRREL 3.2 debido a la falta de una determinada llamada sq_reservestack • https://github.com/sprushed/CVE-2022-30292 https://github.com/albertodemichelis/squirrel/commit/a6413aa690e0bdfef648c68693349a7b878fe60d https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV7SJJ44AGAX4ILIVPREIXPJ2GOG3FKV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMIKSVTKNU5FRCUUNAYMCQLOJA3K3S2I https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M3FQILX7UUEERSDPMZP3MKGTMY2E7ESU https://lists.fedoraproject.org/archives/list/package • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. El 4 de mayo de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en versiones 0.103.4, 0.103.5, 0.104.1 y 0.104.2 de Clam AntiVirus (ClamAV) podría permitir a un atacante local autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •

CVSS: 7.8EPSS: 4%CPEs: 12EXPL: 0

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos HTML de Clam AntiVirus (ClamAV) versiones 0.104.0 a 0.104.2 y LTS versión 0.103.5 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV. • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.8EPSS: 2%CPEs: 11EXPL: 0

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos TIFF de Clam AntiVirus (ClamAV) versiones 0.104.0 a 0.104.2 y LTS versión 0.103.5 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV. • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-399: Resource Management Errors •

CVSS: 8.6EPSS: 2%CPEs: 11EXPL: 0

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos CHM de Clam AntiVirus (ClamAV) versiones 0.104.0 hasta 0.104.2 y LTS versión 0.103.5 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV. • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-399: Resource Management Errors •