PT-2022-36654 · Git +1 · Skia

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the SkRect::setBoundsCheck, SkEdgeClipper::clipCubic...

CVE-2022-22629

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2022-22629

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution...

PT-2022-24465 · 10 Strike · 10-Strike Network Inventory Explorer

Name of the Vulnerable Software and Affected Versions: 10-Strike Network Inventory Explorer version 9.3 Description: A buffer overflow issue was discovered in the Add Computers function of the software. Recommendations: For version 9.3, consider disabling the Add Computers function until a patch ...

SUSE-SU-2022:2846-1 Security update for zlib

This update for zlib fixes the following issues: - CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field bsc1202175...

PT-2022-21468 · Apple · Ipados +5

Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 8.7 tvOS versions prior to 15.6 iOS versions prior to 15.6 iPadOS versions prior to 15.6 macOS Monterey versions prior to 12.5 Description: A buffer overflow issue was addressed with improved bounds checking, which m...

PT-2022-9990 · Qualcomm · Snapdragon Iot +5

Name of the Vulnerable Software and Affected Versions: Snapdragon Mobile affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Auto affected versions not specified Snapdragon IOT affected versions not specified Snapdragon Connectivity affected versions not...

macOS 11.x < 11.6.6 Multiple Vulnerabilities (HT213256)

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.6.6. It is, therefore, affected by multiple vulnerabilities: - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 - A logic issue...

SUSE-SU-2022:0928-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in modsed bsc1197098. - CVE-2022-22720: HTTP request smuggling due to incorrect error handling bsc1197095. - CVE-2022-22719: use of uninitialized value of in r:parsebody in modlua bsc1197091. -...

SUSE-SU-2022:0263-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19783 fixes several issues. The following security issues were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi...

OPENSUSE-SU-2022:0058-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 91.4.1 - CVE-2021-4126: OpenPGP signature status doesn't consider additional message content. bsc1194215 - CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow...

PT-2021-13680 · Qualcomm · Snapdragon Industrial Iot +6

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto versions prior to the fixed version Snapdragon Compute versions prior to the fixed version Snapdragon Connectivity versions prior to the fixed version Snapdragon Consumer IOT versions prior to the fixed version Snapdragon...

CVE-2021-28972

In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because...

Arbitrary Code Execution

libcaca.so is vulnerable to denial of service DoS. An attacker is able to input a malicious string to call the cacaimportcanvasfrommemory function, causing a buffer overflow issue in the cacaresize function in libcaca/caca/canvas.c...

SUSE-SU-2021:0432-1 Security update for python

This update for python fixes the following issues: - buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution bsc1181126, CVE-2021-3177. - Provide the newest setuptools wheel bsc1176262, CVE-2019-20916 in their correct form bsc1180686...

SoftMaker Office PlanMaker Buffer Overflow Vulnerability (CNVD-2021-14028)

SoftMaker Office PlanMaker is a spreadsheet suite in office software that supports multiple platforms. A buffer overflow vulnerability exists in the SoftMaker Office PlanMaker Version/Instance 0x0005/0x0016 field handling, which can be exploited by an attacker to crash the application or execute...

About the security content of watchOS 7.0 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

SUSE-SU-2020:2582-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-14314: Fixed a potential negative array index in dosplit bsc1173798. - CVE-2020-14331: Fixed a missing check in vgacon scrollback handling bsc1174205. -...

NewStart CGSL MAIN 4.05 : qemu-kvm Multiple Vulnerabilities (NS-SA-2020-0019)

The remote NewStart CGSL host, running version MAIN 4.05, has qemu-kvm packages installed that are affected by multiple vulnerabilities: - mcat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. CVE-2018-11806 - Qemu emulator = 3.0.0 built with the NE2000...

CVE-2019-14027

CVE-2019-14027 concerns a buffer overflow caused by missing upper-bound checks on a channel length used in a loop, affecting Qualcomm closed-source components (per CVE entries in NVD/Red Hat/CVE feeds). The issue is classified as High severity with local exposure in Snapdragon-related Qualcomm co...