
7301 matches found

Tenable Nessus
added 2022/09/15 12:0 a.m. | 118 views

Dell Client BIOS Multiple Vulnerabilities (DSA-2022-224)

The Dell BIOS on the remote device is missing a security patch and is, therefore, affected by multiple vulnerabilities. - Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security...

7.9 CVSS | 8.1 AI score | 0.00211 EPSS
Exploits: 0 | References: 5

Tenable Nessus
added 2022/09/14 12:0 a.m. | 28 views

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2306)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the 'i2c md' command enables the...

9.8 CVSS | 8.6 AI score | 0.02006 EPSS
Exploits: 1 | References: 2

OpenVAS
added 2022/09/14 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2022-2306)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS | 9.6 AI score | 0.02006 EPSS
Exploits: 1 | References: 2

Tenable Nessus
added 2022/09/14 12:0 a.m. | 38 views

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2335)

According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the 'i2c md' command enables th...

9.8 CVSS | 8.6 AI score | 0.02006 EPSS
Exploits: 1 | References: 2

Tenable Nessus
added 2022/09/14 12:0 a.m. | 62 views

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-2336)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software,...

8 CVSS | 6.6 AI score | 0.02615 EPSS
Exploits: 37 | References: 37

Prion
added 2022/09/12 7:15 p.m. | 16 views

Stack overflow

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system...

4.3 CVSS | 7.8 AI score | 0.002 EPSS
Exploits: 0 | References: 1 | Affected Software: 25

Cvelist
added 2022/09/12 6:35 p.m. | 20 views

CVE-2022-31226

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system...

7.1 CVSS | 8 AI score | 0.002 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2022/09/10 12:0 a.m. | 44 views

SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:3229-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3229-1 advisory. - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability...

8 CVSS | 6.6 AI score | 0.02098 EPSS
Exploits: 40 | References: 123

Tenable Nessus
added 2022/09/07 12:0 a.m. | 33 views

Amazon Linux 2022 : cifs-utils, cifs-utils-devel, cifs-utils-info (ALAS2022-2022-089)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-089 advisory. A stack-based buffer overflow issue was found in cifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. CVE-2022-27239 A flaw was found...

7.8 CVSS | 6.8 AI score | 0.01804 EPSS
Exploits: 0 | References: 5

OSV
added 2022/09/06 6:15 p.m. | 30 views

CVE-2022-25308

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service...

7.8 CVSS | 4.3 AI score | 0.00508 EPSS
Exploits: 1 | References: 4

Prion
added 2022/09/06 6:15 p.m. | 13 views

Stack overflow

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service...

4.4 CVSS | 7.5 AI score | 0.00508 EPSS
Exploits: 1 | References: 4 | Affected Software: 2

CVE
added 2022/09/06 5:18 p.m. | 180 views

CVE-2022-25308

CVE-2022-25308 affects the Fribidi library with a stack-based buffer overflow that can cause memory corruption, memory leak, or denial of service. Connected advisories document the issue across multiple distributions. Remediation requires upgrading Fribidi to fixed versions (examples: >= 1.0.1...

7.8 CVSS | 7.6 AI score | 0.00508 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Tenable Nessus
added 2022/09/06 12:0 a.m. | 36 views

Amazon Linux 2022 : vim-common, vim-data, vim-default-editor (ALAS2022-2022-077)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-077 advisory. A flaw was found in vim. The vulnerability occurs due to a crash when recording and using Select mode and leads to an out-of-bounds read. This flaw allows an attacker to input a specially craft...

8.8 CVSS | 7.5 AI score | 0.26583 EPSS
Exploits: 17 | References: 33

GitLab Advisory Database
added 2022/09/06 12:0 a.m. | 32 views

Out-of-bounds Write

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service...

7.8 CVSS | 4.3 AI score | 0.00508 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2022/09/05 7:15 a.m. | 10 views

CVE-2022-39843

123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain...

7.8 CVSS | 0.00447 EPSS
Exploits: 1 | References: 2

Cvelist
added 2022/09/05 6:2 a.m. | 15 views

CVE-2022-39843

123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain...

8.2 AI score | 0.00447 EPSS
Exploits: 1 | References: 2

CVE
added 2022/09/05 6:2 a.m. | 61 views

CVE-2022-39843

CVE-2022-39843 affects 123elf Lotus 1-2-3 on Linux and Lotus 1-2-3 R3 on UNIX/other platforms. It is caused by a stack-based buffer overflow in the cell format processing routines, exploitable via a crafted worksheet and reachable through a w3r_format element in a wk3 document. Impact is arbitrar...

7.8 CVSS | 8 AI score | 0.00447 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2022/09/02 11:31 a.m. | 158 views

CVE-2022-22096

CVE-2022-22096 is a Qualcomm Bluetooth vulnerability in the Bluetooth HOST on Snapdragon platforms (Connectivity + Snapdragon Mobile) caused by a stack-based buffer overflow when extracting data via the command length parameter, leading to memory corruption. It is rated Critical (CVSS v3.1: 9.8, ...

9.8 CVSS | 9.8 AI score | 0.00435 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2022/08/31 8:54 p.m. | 7 views

CVE-2022-2895 Measuresoft ScadaPro Server Stack-based Buffer Overflow

Measuresoft ScadaPro Server All Versions uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file...

7.8 CVSS | 7.8 AI score | 0.00294 EPSS
Exploits: 0 | References: 1

NVD
added 2022/08/31 4:15 p.m. | 22 views

CVE-2022-1888

Alpha7 PC Loader All versions is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...

7.8 CVSS | 0.0025 EPSS
Exploits: 0 | References: 1