1447 matches found
CLSA-2022-1665680932 Fix CVE(s): CVE-2022-3296, CVE-2022-3324
SECURITY UPDATE: Buffer underflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: Check CSFTRY can be found - CVE-2022-3296 SECURITY UPDATE: Using negative array index with negative width window - debian/patches/CVE-2022-3324.patch: Make sure the window width does not become negati...
CVE-2022-33896
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...
CVE-2022-33896
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...
Buffer overflow
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...
CVE-2022-33896
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...
CVE-2022-33896
Hancom Office 2020 (Hword) vulnerability CVE-2022-33896 is a heap/buffer underflow in Hword when parsing XML-based documents. A specially crafted malicious .docx can trigger memory corruption by using memory before the allocation, potentially enabling arbitrary code execution. Affected version: H...
CVE-2022-33896
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...
OSV-2022-1021 Stack-buffer-underflow in gs_type2_interpret
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52145 Crash type: Stack-buffer-underflow READ 4 Crash state: gstype2interpret gstype1glyphinfo pdficffglyphinfo...
PT-2022-21893 · Hancom · Hancom Office 2020
Name of the Vulnerable Software and Affected Versions: Hancom Office 2020 version 11.0.0.5357 Description: A buffer underflow issue exists in the way Hword of Hancom Office 2020 parses XML-based office files. This can be triggered by a specially-crafted malformed file, causing memory corruption b...
PT-2022-36667 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details include the crash type and state, which involve functions such as gs type2...
Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability
Talos Vulnerability Report TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability October 4, 2022 CVE Number CVE-2022-33896 SUMMARY A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A...
OSV-2022-866 Stack-buffer-underflow in gs_type2_interpret
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51089 Crash type: Stack-buffer-underflow READ 4 Crash state: gstype2interpret copiedtype1glyphoutline gsdefaultglyphinfo...
PT-2022-37262 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details about the crash include the functions gs type2 interpret, copied type1 gly...
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
...
OSV-2022-724 Stack-buffer-underflow in gs_type2_interpret
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50306 Crash type: Stack-buffer-underflow READ 4 Crash state: gstype2interpret copiedtype1glyphoutline gsdefaultglyphinfo...
PT-2022-37189 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details about the crash include the functions gs type2 interpret, copied type1 gly...
VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities
3. Return-Stack-Buffer-Underflow CVE-2022-29901, CVE-2022-28693, CVE-2022-26373 and Branch Type Confusion CVE-2022-23816, CVE-2022-23825 vulnerabilities VMware ESXi contains Return-Stack-Buffer-Underflow CVE-2022-29901, CVE-2022-28693, CVE-2022-26373 and Branch Type Confusion CVE-2022-23816,...
VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities
3. Return-Stack-Buffer-Underflow CVE-2022-29901, CVE-2022-28693, CVE-2022-26373 and Branch Type Confusion CVE-2022-23816, CVE-2022-23825 vulnerabilities VMware ESXi contains Return-Stack-Buffer-Underflow CVE-2022-29901, CVE-2022-28693, CVE-2022-26373 and Branch Type Confusion CVE-2022-23816,...
VMSA-2022-0020:VMware ESXi addresses Return-Stack-Buffer-UnderfLOW and Branch Type Confusion vulnerabilities
Advisory ID: VMSA-2022-0020.2 CVSSv3 Range: 5.6 Issue Date:2022-07-12 Updated On: 2022-10-25 CVEs: CVE-2022-29901, CVE-2022-28693, CVE-2022-23816, CVE-2022-23825, CVE-2022-26373 Synopsis: VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities RSS Feed Downlo...
Updated exempi packages fix security vulnerability
XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...