CVE-2022-43044

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gfisomgetmetaiteminfo at /isomedia/meta.c...

CVE-2022-42086

Tenda AX1803 USAX1803v2.0brv1.0.0.12994CNZGYD014 is vulnerable to Cross Site Request Forgery CSRF via function TendaAteMode...

PT-2022-34834 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.146 Description: The issue is related to a potential stack overflow in the mlxbf i2c smbus start transaction function. The actual impact and attack plausibility have not yet been proven. Recommendations: F...

CVE-2022-40827

B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php where function. Note: Multiple third parties have disputed this as not a valid vulnerability...

CVE-2022-2928

In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function optioncodehashlookup is called from addoption, it increases the option's refcount field. However, there is not a corresponding call to optiondereference to decrement the refcount field. The function addoption is on...

CVE-2022-41846

An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp...

Information disclosure

In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support. In order to avoid this, we disabled the groovy function support by default from Pinot release 0.11.0. See...

PT-2022-14159 · Zephyrproject +1 · Zephyr

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned. Description: The issue occurs in the tcp flags function within the subsys/net/ip/tcp.c file. When the incoming parameter flags is set to ECN or CWR, it causes an out-of-bounds write of a byte with...

PT-2022-37232 · Git +1 · Cras

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of Use-of-uninitialized-value. The crash state involves several functions: dbus marshal write basic, dbus type write...

CVE-2022-36747

Razor v0.8.0 was discovered to contain a cross-site scripting XSS vulnerability via the function uploadchannel...

CVE-2022-0644

Removed by vendor...

CVE-2022-37094

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EditBasicSSID5G...

CVE-2022-36469

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById...

PT-2022-24101 · Tenda · Tenda Ax1803

Name of the Vulnerable Software and Affected Versions: Tenda AX1803 version 1.0.0.1 Description: A stack overflow issue was discovered in the Tenda AX1803, specifically via the function fromSetRouteStatic. Recommendations: For Tenda AX1803 version 1.0.0.1, consider disabling the fromSetRouteStati...

CVE-2022-36191

CVE-2022-36191 affects GPAC (gf_isom_dovi_config_get in isomedia/avc_ext.c:2490) where a heap-buffer-overflow could be triggered by MP4Box. The vulnerability is characterized by local attack vector with user interaction (per NVD) and can lead to high impact on availability. The issue has a public...

PT-2022-24302 · Xpdf · Xpdf

Name of the Vulnerable Software and Affected Versions: XPDF affected versions not specified Description: A segmentation violation was discovered in XPDF via the DCTStream::readMCURow function at /xpdf/Stream.cc. Recommendations: At the moment, there is no information about a newer version that...

Integer overflow

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

CVE-2022-28700

Authenticated Arbitrary File Creation via Export function vulnerability in GiveWP's GiveWP plugin = 2.20.2 at WordPress...

CVE-2022-32115

An issue in the isSVG function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file...

Out-of-bound write in function parse_command_modifiers

Description Out-of-bounds write in function parsecommandmodifiers at exdocmd.c:3123 Version commit c101abff4c6756db4f5e740fde289decb9452efa HEAD - master, tag: v8.2.5164 Proof of Concept guest@elk:/trung$ ./vim3/src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ./poc/poc4min -c :qa!...