| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. |
| Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. |
| Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. |
| A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| vim is vulnerable to Heap-based Buffer Overflow |
| vim is vulnerable to Heap-based Buffer Overflow |
| Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. |
| The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. A restricted resource, access to which would ordinarily be detected, may be exfiltrated from the backend, despite being protected by a web application firewall that uses CRS. Short subsections of a restricted resource may bypass pattern matching techniques and allow undetected access. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively and to configure a CRS paranoia level of 3 or higher. |
