Lucene search

3095 matches found

ATTACKERKB
added 2022/07/15 9:15 p.m. · 2 views

CVE-2022-32434

EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d...

CVSS 7.8 · AI score 7.2 · EPSS 0.00702
Exploits: 1 · References: 3
CloudLinux
added 2022/07/14 4:55 p.m. · 80 views

Fixed CVEs in vim: CVE-2022-2183, CVE-2022-2182, CVE-2022-2207, CVE-2022-2210

CVE-2022-2182: when on line zero check the column is valid for line one - CVE-2022-2183: avoid going over the NUL at the end of the line - CVE-2022-2207: check the cursor column is more than zero - CVE-2022-2210: use zero offset when change removes all lines in a diff block...

CVSS 7.8 · AI score 3.7 · EPSS 0.01215
Exploits: 4 · References: 1
OSV
added 2022/07/14 4:55 p.m. · 3 views

CLSA-2022-1657817751 Fixed CVEs in vim: CVE-2022-2183, CVE-2022-2182, CVE-2022-2207, CVE-2022-2210

CVE-2022-2182: when on line zero check the column is valid for line one - CVE-2022-2183: avoid going over the NUL at the end of the line - CVE-2022-2207: check the cursor column is more than zero - CVE-2022-2210: use zero offset when change removes all lines in a diff block...

CVSS 7.8 · AI score 7.1 · EPSS 0.01215
Exploits: 4 · References: 1
OSV
added 2022/07/14 4:29 p.m. · 3 views

CLSA-2022-1657816156 Fixed CVEs in vim: CVE-2022-2210, CVE-2022-2183, CVE-2022-2207, CVE-2022-2182

CVE-2022-2182: when on line zero check the column is valid for line one - CVE-2022-2183: avoid going over the NUL at the end of the line - CVE-2022-2207: check the cursor column is more than zero - CVE-2022-2210: use zero offset when change removes all lines in a diff block...

CVSS 7.8 · AI score 7.1 · EPSS 0.01215
Exploits: 4 · References: 1
Tenable Nessus
added 2022/07/14 12:0 a.m. · 44 views

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2070)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Out-of-bounds Read CVE-2021-4166, CVE-2021-4193 - vim is vulnerable to Use After Free CVE-2021-4192 - vim is...

CVSS 8.8 · AI score 6.8 · EPSS 0.26583
Exploits: 11 · References: 12
BDU FSTEC
added 2022/07/11 12:0 a.m. · 1 views

The vulnerability of the AES OCB mode in the OpenSSL library allows a hacker to disclose protected information.

The vulnerability of the AES OCB mode in the OpenSSL library, where the necessary encryption step is absent. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

CVSS 3.7 · AI score 6.5 · EPSS 0.02024
Exploits: 0 · References: 16 · Affected Software: 10
Tenable Nessus
added 2022/07/07 12:0 a.m. · 53 views

Oracle Linux 9 : vim (ELSA-2022-5242)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5242 advisory. - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read - CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior -...

CVSS 8.4 · AI score 7.2 · EPSS 0.02276
Exploits: 6 · References: 7
BDU FSTEC
added 2022/07/04 12:0 a.m. · 4 views

The vulnerability of the Microsoft Office suite, related to pointer offsets, allows a perpetrator to execute arbitrary code or gain full control over the application.

The vulnerability of the Microsoft Office package is related to a pointer offset issue during the processing of the cbHdrData element in the FEATHEADER field of BIFF format files. Exploiting this vulnerability allows an attacker to execute arbitrary code or gain full control over the application...

CVSS 9.6 · AI score 6.4 · EPSS 0.85731
Exploits: 10 · References: 15
RedHat Linux
added 2022/07/01 12:6 a.m. · 2 views

vim: Use of Out-of-range Pointer Offset in vim

A flaw was found in vim that causes an out-of-range pointer offset vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution...

CVSS 8.4 · AI score 7.4 · EPSS 0.01675
Exploits: 1 · References: 4
RedHat Linux
added 2022/07/01 12:6 a.m. · 3 views

vim: Out-of-range Pointer Offset

A vulnerability was found in Vim. The issue occurs when using a number in a string for the lambda name, triggering an out-of-range pointer offset vulnerability. This flaw allows an attacker to trick a user into opening a crafted script containing an argument as a number and then using it as a...

CVSS 6.8 · AI score 7.2 · EPSS 0.01418
Exploits: 1 · References: 4
RedHat Linux
added 2022/07/01 12:6 a.m. · 62 views

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS 8.4 · AI score 7 · EPSS 0.02276
Exploits: 6 · References: 7
Oracle linux
added 2022/06/30 12:0 a.m. · 107 views

vim security update

8.2.2637-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.2.2637-16.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.2.2637-16.1 - CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior - CVE-2022-0943 vim: Heap-based Buffer Overflow occu...

CVSS 8.4 · AI score 3.5 · EPSS 0.02276
Exploits: 6
OSV
added 2022/06/24 8:15 a.m. · 1 views

CVE-2022-32142

Multiple CODESYS Products are prone to an out-of-bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a...

CVSS 8.1 · AI score 5.8 · EPSS 0.00899
Exploits: 0 · References: 1
OSV
added 2022/06/24 8:15 a.m. · 2 views

CVE-2022-32141

Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required...

CVSS 6.5 · AI score 6.1 · EPSS 0.00875
Exploits: 0 · References: 1
NVD
added 2022/06/24 8:15 a.m. · 15 views

CVE-2022-32142

Multiple CODESYS Products are prone to an out-of-bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a...

CVSS 8.1 · EPSS 0.00899
Exploits: 0 · References: 1
Positive Technologies
added 2022/06/24 12:0 a.m. · 4 views

PT-2022-21114 · 3S Smart Software Solutions · Codesys

Name of the Vulnerable Software and Affected Versions: CODESYS Products affected versions not specified Description: A buffer over-read issue exists, allowing a low privileged remote attacker to craft a request with an invalid offset. This can cause an internal buffer over-read, resulting in a...

CVSS 6.5 · AI score 6.4 · EPSS 0.00875
Exploits: 0 · References: 3
ATTACKERKB
added 2022/06/21 1:15 p.m. · 2 views

CVE-2022-31307

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c...

CVSS 5.5 · AI score 6.1 · EPSS 0.00613
Exploits: 1 · References: 3
CNNVD
added 2022/06/21 12:0 a.m. · 2 views

Nginx Resource Management Error Vulnerability

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx Inc. in the United States. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS version v0.7.2, which stems from a...

CVSS 5.5 · AI score 5.6 · EPSS 0.00613
Exploits: 1 · References: 3
OpenVAS
added 2022/06/17 12:0 a.m. · 31 views

SUSE: Security Advisory (SUSE-SU-2022:2102-1)

The remote host is missing an update for the...

CVSS 9.8 · AI score 8.3 · EPSS 0.03001
Exploits: 43 · References: 36
OpenVAS
added 2022/06/16 12:0 a.m. · 27 views

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-1856)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.8 · AI score 7.2 · EPSS 0.26583
Exploits: 8 · References: 2