CVE-2022-35000

JPEGDEC commit be4843c was discovered to contain a segmentation fault via fseek at /libio/fseek.c...

CVE-2022-35044

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x617087...

CVE-2022-35062

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0bc3...

CVE-2022-35080

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via pngload at /lib/png.c...

CVE-2022-35035

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b559f...

CVE-2022-35048

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0b2c...

CVE-2022-35066

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8...

CVE-2022-35039

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e20a0...

CVE-2022-35040

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567...

CVE-2022-35022

OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae...

CVE-2022-35059

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0414...

CVE-2022-35060

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0a32...

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVE-2023-4522

An issue has been discovered in GitLab affecting all versions before 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit...

CVE-2022-31038

Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 DisplayName does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes DisplayName...

CVE-2022-35940

TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...

CVE-2022-35966

TensorFlow is an open source platform for machine learning. If QuantizedAvgPool is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVE-2023-45319

In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service DoS via the commit function was identified. Reported by Jason Geffner...

CVE-2023-31123

effectindex/tripreporter is a community-powered, universal platform for submitting and analyzing trip reports. Prior to commit bd80ba833b9023d39ca22e29874296c8729dd53b, any user with an account on an instance of effectindex/tripreporter, e.g. subjective.report, may be affected by an improper...

CVE-2022-35938

TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. This issue has been...