CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

CVE-2022-37237

An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Affected version is below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327...

CVE-2022-38231

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar at /xpdf/Stream.cc...

CVE-2022-36143

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via interceptorstrlen.part at /sanitizercommon/sanitizercommoninterceptors.inc...

CVE-2022-36140

SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::DeclareFunction2::writeSWF::Writer, SWF::Context...

CVE-2022-36004

TensorFlow is an open source platform for machine learning. When tf.random.gamma receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included i...

CVE-2022-36144

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64encode...

CVE-2022-35058

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05ce...

CVE-2022-35051

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b55af...

CVE-2022-35054

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6171b2...

CVE-2022-35036

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8...

CVE-2022-35046

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0466...

CVE-2022-35002

JPEGDEC commit be4843c was discovered to contain a segmentation fault via TIFFSHORT at /src/jpeg.inl...

CVE-2022-34640

The tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect...

CVE-2022-34634

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception...

CVE-2022-33021

CVA6 commit 909d85a accesses invalid memory when reading the value of MHPMCOUNTER30...

CVE-2022-29368

Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c...

CVE-2022-34635

The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty...

CVE-2022-25023

Audio File commit 004065d was discovered to contain a heap-buffer overflow in the function fouBytesToInt:AudioFile.h...

CVE-2022-24875

The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the org.conroller.js code would erroneously log user secrets. This has been resolved in commit 46d98f2b and should be available in subsequent versions of the software...