SUSE CVE-2022-1629

Buffer Over-read in function findnextquote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution...

Medium: protobuf

Issue Overview: A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. CVE-2021-22570 Affect...

Vim has a binary vulnerability (CNVD-2023-17836)

Vim is a cross-platform text editor. Vim suffers from a binary vulnerability that can be exploited by attackers to cause software crashes, memory modification, and remote execution...

SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2022:4591-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4591-1 advisory. - In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of...

protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory...

Acer Extensa Series 安全漏洞

Acer Extensa Series is a line of laptops from Acer, a Chinese company. The Acer Extensa Series suffers from a security vulnerability that stems from its HQSwSmiDxe DXE driver that allows an attacker with elevated privileges to modify the UEFI Secure Boot settings by modifying the NVRAM variable...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio (CVE-2022-3676)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass securit...

Debian dla-3204 : vim - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3204 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3204-1 [email protected]...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2022:4050-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4050-1 advisory. - In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of minimasks function could...

Debian dla-3182 : vim - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3182 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3182-1 [email protected]...

Integer overflow

Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a...

Azure RTOS FileX 数字错误漏洞

Azure RTOS FileX is an open source FAT-compatible file system for Azure RTOS. A security vulnerability exists in Azure RTOS FileX versions prior to 6.2.0, which stems from fault-tolerance features including integer underflow and overflow, and can be exploited to implement a buffer overflow and...

CVE-2022-39343

Azure RTOS FileX (FAT file system in Azure RTOS ThreadX) prior to version 6.2.0 is affected by an integer underflow/overflow in the Fault Tolerant feature, enabling a potential buffer overflow and memory modification when processing fault-tolerant logs. Specifically, a log entry with FX_FAULT_TOL...

CVE-2022-39343 Azure RTOS FileX vulnerable to Buffer Offerflow

Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a vali...

CVE-2022-3676

In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type...

CVE-2022-32166

A flaw was found in OpenVSwitch. Versions 0.90.0 through 2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and remote...

CVE-2022-32166

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...

CVE-2022-32166

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...

CVE-2022-32166

Open vSwitch (Openvswitch) is affected by CVE-2022-32166 for versions v0.90.0 through v2.5.0, due to a heap/buffer over-read in flow.c caused by an unsafe minimasks comparison. The vulnerability can crash the software, enable memory modification, and may allow remote execution. Public documents i...

CVE-2022-32166 ovs - buffer over-read

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...