CVE-2022-25740

CVE-2022-25740 affects Qualcomm modem firmware/chipsets. The issue is described as memory corruption caused by a buffer overwrite when building an IPv6 multicast address from the interface MAC. CVSS 3.1 base score 9.8 (Network, Low attack complexity, No privileges, No user interaction; impact to ...

CVE-2022-25678

CVE-2022-25678 relates to memory corruption in Qualcomm modem chipsets caused by a buffer overwrite during a CoAP connection. The vulnerability’s root cause is a buffer overwrite in the modem, with impact described as memory correction. Affects Qualcomm chipsets’ modems; CVSS v3.1 base score 9.8 ...

PT-2023-12792 · Qualcomm · Snapdragon +12

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue involves a memory correction in the modem due to a buffer overwrite that occurs during a coap connection. Recommendations: At the moment, there is no information about a...

zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large number of distant matches crafted payloads, the buffer into which the compressed or deflated data is written...

PHP 安全漏洞

PHP is a scripting language for PHP that is executed server-side. A security vulnerability in PHP versions 8.0.X prior to 8.0.28, 8.1.X prior to 8.1.16, and 8.2.X prior to 8.2.3 stems from a byte after an allocated buffer being overwritten by a NULL value, which could lead to unauthorized data...

SUSE CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

PT-2022-35473 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue is related to the soundwire cadence, where msg-buf is overwritten during write commands. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

PT-2022-34977 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the soundwire cadence, where msg-buf is overwritten during write commands. The actual impact and attack plausibility have not yet been proven. Recommendations: For Lin...

Heap overflow

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000printpage function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service...

CVE-2020-27792

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000printpage function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service...

libass: Denial of service

Background libass is a portable subtitle renderer for the ASS/SSA Advanced Substation Alpha/Substation Alpha subtitle format. Description A one-byte buffer overwrite in ASS font decoding could trigger an assertion failure resulting in denial of service. Impact An attacker with control over the AS...

Mageia: Security Advisory (MGASA-2022-0269)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated gdk-pixbuf2.0 packages fix security vulnerability

It was discovered that gdk-pixbuf contained a buffer overwrite in io-gif-animation.c compositeframe exploitable using a crafted GIF CVE-2021-46829...

MGASA-2022-0269 Updated gdk-pixbuf2.0 packages fix security vulnerability

It was discovered that gdk-pixbuf contained a buffer overwrite in io-gif-animation.c compositeframe exploitable using a crafted GIF CVE-2021-46829...

CLSA-2022-1655320860 Fixed CVEs in vim: CVE-2022-1927, CVE-2022-1897

CVE-2022-1897: fix substitution which overwrites an allocated buffer - CVE-2022-1927: fix invalid cursor position after '0;' range...

RHEL 8 : kernel-rt (RHSA-2022:1975)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1975 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

kernel: Buffer overwrite in decode_nfs_fh function

An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: Buffer overwrite in decode_nfs_fh function

An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system...

zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large number of distant matches crafted payloads, the buffer into which the compressed or deflated data is written...