CVE-2022-35897

CVE-2022-35897 affects Insyde InsydeH2O kernel 5.0–5.5. A stack buffer overflow occurs when an attacker modifies certain UEFI variables, potentially causing arbitrary code execution. Exploitation requires direct SPI modification and the attacker must change at least two of three variables (Secure...

CVE-2022-35897

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally...

OSV-2022-1188 Stack-buffer-overflow in authentic_get_tagged_data

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53536 Crash type: Stack-buffer-overflow READ 1 Crash state: authenticgettaggeddata authenticparsecredentialdata authenticpingetpolicy...

OSV-2022-1177 Stack-buffer-overflow in FLAC::Decoder::FuzzerDecoder::metadata_callback

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53454 Crash type: Stack-buffer-overflow WRITE 8 Crash state: FLAC::Decoder::FuzzerDecoder::metadatacallback FLAC::Decoder::Stream::metadatacallback readmetadata...

OSV-2022-1175 Stack-buffer-overflow in sc_path_print

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53417 Crash type: Stack-buffer-overflow READ 1 Crash state: scpathprint scselectfile scpkcs15initrmdir...

Oracle Linux 8 : libtiff (ELSA-2022-7585)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7585 advisory. 4.0.9-23 - Fix various CVEs - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909 CVE-2022-090...

libtiff: stack-buffer-overflow in tiffcp.c in main()

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service...

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: Denial of Service via crafted TIFF file CVE-2022-0561 libtiff: Null source pointer lead to Denial of Service via crafted TIFF file CVE-2022-0562 libtiff: reachable...

Updated binutils/gdb packages fix security vulnerability

libiberty: Heap/stack buffer overflow in the dlanglname function in d-demangle.c CVE-2021-3826 binutils: heap-based buffer overflow in bfdgetl32 when called by stripmain in objcopy.c via a crafted file CVE-2022-38533...

MGASA-2022-0425 Updated binutils/gdb packages fix security vulnerability

libiberty: Heap/stack buffer overflow in the dlanglname function in d-demangle.c CVE-2021-3826 binutils: heap-based buffer overflow in bfdgetl32 when called by stripmain in objcopy.c via a crafted file CVE-2022-38533...

OSV-2022-1157 Stack-buffer-overflow in merge_utf16be_ascii

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53149 Crash type: Stack-buffer-overflow WRITE 1 Crash state: mergeutf16beascii probeisoNUMBER superblocksprobe...

CentOS 8 : libtiff (CESA-2022:7585)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7585 advisory. - libtiff: Denial of Service via crafted TIFF file CVE-2022-0561 - libtiff: Null source pointer lead to Denial of Service via crafted TIFF file...

Moderate: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Amazon Linux 2022 : libtiff, libtiff-devel, libtiff-static (ALAS2022-2022-183)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-183 advisory. Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available wi...

Denial Of Service (DoS)

libde265.so is vulnerable to denial of service. The vulnerability exists due to stack-buffer overflow in the putepelhvfallback function in fallback-motion.cc, allowing an attacker to crash the application through a maliciously crafted video file...

Denial Of Service (DoS)

libde265.so is vulnerable to denial of service. The vulnerability exists due to a stack-buffer overflow in the putqpelfallback function of fallback-motion.cc, allowing an attacker to crash the application through a maliciously crafted video file...

CVE-2022-43236

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43236

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43237

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43237

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...