Export limit exceeded: 43824 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43824 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24130 | 3 Debian, Fedoraproject, Invisible-island | 3 Debian Linux, Fedora, Xterm | 2024-11-21 | 5.5 Medium |
| xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. | ||||
| CVE-2022-24107 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | 7.8 High |
| Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. | ||||
| CVE-2022-24106 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | 7.8 High |
| In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. | ||||
| CVE-2022-24063 | 1 Santesoft | 1 Dicom Viewer Pro | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15105. | ||||
| CVE-2022-24060 | 1 Santesoft | 1 Dicom Viewer Pro | 2024-11-21 | 5.5 Medium |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. Crafted data in a DCM file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15099. | ||||
| CVE-2022-24055 | 1 Santesoft | 1 Dicom Viewer Pro | 2024-11-21 | 5.5 Medium |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14972. | ||||
| CVE-2022-24052 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190. | ||||
| CVE-2022-24051 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | ||||
| CVE-2022-24050 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207. | ||||
| CVE-2022-24049 | 1 Sonos | 3 One, S1, S2 | 2024-11-21 | 9.8 Critical |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15798. | ||||
| CVE-2022-24048 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191. | ||||
| CVE-2022-24046 | 1 Sonos | 3 One, S1, S2 | 2024-11-21 | 8.8 High |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd daemon. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15828. | ||||
| CVE-2022-23937 | 1 Windriver | 1 Vxworks | 2024-11-21 | 5.3 Medium |
| In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario. | ||||
| CVE-2022-23884 | 1 Minecraft | 1 Bedrock Server | 2024-11-21 | 9.8 Critical |
| Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer). | ||||
| CVE-2022-23868 | 1 Ruoyi | 1 Ruoyi | 2024-11-21 | 7.8 High |
| RuoYi v4.7.2 contains a CSV injection vulnerability through ruoyi-admin when a victim opens .xlsx log file. | ||||
| CVE-2022-23823 | 1 Amd | 284 A10-9600p, A10-9600p Firmware, A10-9630p and 281 more | 2024-11-21 | 6.5 Medium |
| A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. | ||||
| CVE-2022-23805 | 2 Microsoft, Trendmicro | 2 Windows, Worry-free Business Security | 2024-11-21 | 7.1 High |
| A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and crash the server. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2022-23773 | 3 Golang, Netapp, Redhat | 12 Go, Beegfs Csi Driver, Cloud Insights Telegraf Agent and 9 more | 2024-11-21 | 7.5 High |
| cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. | ||||
| CVE-2022-23772 | 4 Debian, Golang, Netapp and 1 more | 13 Debian Linux, Go, Beegfs Csi Driver and 10 more | 2024-11-21 | 7.5 High |
| Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. | ||||
| CVE-2022-23747 | 1 Sony | 6 Xperia 1, Xperia 1 Firmware, Xperia 5 and 3 more | 2024-11-21 | 9.8 Critical |
| In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback. | ||||