NULL Pointer Dereference in function sug_filltree

Description NULL Pointer Dereference in function sugfilltree at vim/src/spellfile.c:5600. vim version git log commit 4875d6ab068f09df88d24d81de40dcd8d56e243d grafted, HEAD - master, tag: v9.0.0224, origin/master, origin/HEAD Proof of Concept ./vim -u NONE -X -Z -e -s -S /home/fuzz/test/poc2null.d...

CVE-2022-35433

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c...

CVE-2022-34998

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via JPEGDecodeMCU at /src/jpeg.inl...

CVE-2022-35003

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl...

CVE-2022-35011

PNGDec commit 8abf6be was discovered to contain a global buffer overflow via inflatefast at /src/inffast.c...

CVE-2022-34999

JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl...

Memory corruption

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c...

Buffer overflow

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl...

CVE-2022-36148

fdkaac commit 53fe239 was discovered to contain a floating point exception FPE via wavopen at /src/wavreader.c...

CVE-2022-34998

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via JPEGDecodeMCU at /src/jpeg.inl...

Remote Code Execution

react-editable-json-tree is vulnerable to remote code execution.The vulnerability exists in onSubmitValueParser prop which calls parse function in src/utils/parse.js because of missing sanitization of the parse parameters which allows a remote attacker to inject and execute malicious code into th...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. A security vulnerability exists in JPEGDEC that stems from a segmentation error in the TIFFSHORT module of the /src/jpeg.inl file...

Buffer Over-read in function utf_head_off

Description Buffer Over-read in function utfheadoff at vim/src/mbyte.c:3872 vim version git log commit 249e1b903a9c0460d618f6dcc59aeb8c03b24b20 grafted, HEAD - master, tag: v9.0.0213, origin/master, origin/HEAD Proof of Concept ./vim/src/vim -u NONE -X -Z -e -s -S poc3hbo.dat -c :qa!...

Fedora: Security Advisory for golang-gopkg-src-d-git-4 (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-gopkg-src-d-git-4-4.13.1-9.fc36

A highly extensible git implementation in pure go...

CVE-2022-34028

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...

CVE-2022-34031

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njsvaluetonumber at src/njsvalueconversion.h...

CVE-2022-34030

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njsdjbhash at src/njsdjbhash.c...

CVE-2022-34032

CVE-2022-34032 summary (data from provided sources) : Nginx NJS 0.7.5 contains a segmentation violation in the function njs_value_own_enumerate (src/njs_value.c). This CVE has a CVSS v3.1 base score of 7.5 (High): Attack Vector Network, Attack Complexity Low, Privileges Required None, User Intera...

CVE-2022-34031

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njsvaluetonumber at src/njsvalueconversion.h...