4058 matches found
SUSE CVE-2022-4398
Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0...
SUSE CVE-2022-21440
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
SUSE CVE-2022-21716
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach...
SUSE CVE-2022-22817
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...
SUSE CVE-2022-23901
A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...
SUSE CVE-2022-23951
In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs...
SUSE CVE-2022-24191
In HTMLDOC 1.9.14, an infinite loop in the gifreadlzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow...
SUSE CVE-2022-24939
A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...
SUSE CVE-2022-25147
Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility APR-util 1.6.1 and prior versions...
SUSE CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
SUSE CVE-2022-27418
Tcpreplay v4.4.1 has a heap-based buffer overflow in dochecksummath at /tcpedit/checksum.c...
SUSE CVE-2022-27446
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemcmpfunc.h...
SUSE CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTPS redirects is used with authentication could leak credentials to other services that exist on different protocols ...
SUSE CVE-2022-27775
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead...
SUSE CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
SUSE CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH...
SUSE CVE-2022-28041
stbimage.h v2.27 was discovered to contain an integer overflow via the function stbijpegdecodeblockprogdc. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors...
SUSE CVE-2022-28487
Tcpreplay version 4.4.1 contains a memory leakage flaw in fixipv6checksums function. The highest threat from this vulnerability is to data confidentiality...
SUSE CVE-2022-31117
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...
SUSE CVE-2022-31650
In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in aiff.c in libsox.a...