6900 matches found
RLSA-2022:6608 Moderate: dbus-broker security update
dbus-broker is an implementation of a message bus as defined by the D-Bus specification. Its aim is to provide high performance and reliability, while keeping compatibility to the D-Bus reference implementation. It is exclusively written for Linux systems, and makes use of many modern features...
Mozilla Firefox < 105.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 105.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-40 advisory. - Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing...
Mozilla Firefox < 105.0
The version of Firefox installed on the remote Windows host is prior to 105.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-40 advisory. - Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team...
KLA19256 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Memory safety vulnerability can be exploited to execute...
RHEL 9 : dbus-broker (RHSA-2022:6608)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6608 advisory. dbus-broker is an implementation of a message bus as defined by the D-Bus specification. Its aim is to provide high performance and...
CVE-2022-40152 Stack Buffer Overflow in Woodstox
Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks DOS if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVE-2022-40151 Stack Buffer Overflow in xstream
Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVE-2022-40151 Stack Buffer Overflow in xstream
Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVE-2022-40149 Stack Buffer Overflow in Jettison
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVE-2022-40149 Stack Buffer Overflow in Jettison
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVE-2022-40150 Stack Buffer Overflow in Jettison
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack...
CVE-2022-40150 Stack Buffer Overflow in Jettison
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack...
OSV-2022-891 Stack-buffer-overflow in flb_env_var_translate
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51278 Crash type: Stack-buffer-overflow WRITE Crash state: flbenvvartranslate flbparserconffile configrandomfuzzer.c...
PT-2022-37277 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack buffer overflow error, as indicated by a crash report. The crash involves the flb env var translate and flb parser conf...
OSV-2022-888 Stack-buffer-overflow in gs_type2_interpret
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51275 Crash type: Stack-buffer-overflow READ 4 Crash state: gstype2interpret copiedtype1glyphoutline gsdefaultglyphinfo...
CVE-2022-33183. Stack buffer overflow using in “firmwaredownload” and “diagshow” commands.
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands. Affected Product All Brocade Fabric OS versions...
PT-2022-37275 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. Technical details include a crash state involving functions such as gs type2 interpret, copie...
SUSE: Security Advisory (SUSE-SU-2022:3229-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OSV-2022-872 Stack-buffer-overflow in PfxEntry::test_condition
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51134 Crash type: Stack-buffer-overflow READ 1 Crash state: PfxEntry::testcondition PfxEntry::checkword AffixMgr::prefixcheck...
PT-2022-37267 · Git +1 · Hunspell
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read, which occurs in the PfxEntry::test condition function, called by PfxEntry::checkword and...