5900 matches found
Mozilla Firefox < 105.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 105.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-40 advisory. - Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing...
CVE-2022-40152 Stack Buffer Overflow in Woodstox
Those using Woodstox to parse XML data may be vulnerable to Denial of Service (DoS) attacks if DTD support is enabled. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may support a denial of service attack...
CVE-2022-40151 Stack Buffer Overflow in xstream
Those using XStream to serialize XML data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may support a denial of service attack...
CVE-2022-40149 Stack Buffer Overflow in Jettison
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may support a denial of service attack...
CVE-2022-40150 Stack Buffer Overflow in Jettison
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with an out-of-memory error. This effect may support a denial of service attack...
OSV-2022-891 Stack-buffer-overflow in flb_env_var_translate
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51278 Crash type: Stack-buffer-overflow WRITE Crash state: flb_env_var_translate flb_parser_conf_file config_random_fuzzer.c...
PT-2022-37277 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack buffer overflow error, as indicated by a crash report. The crash involves the flb_env_var_translate and flb_parser_conf...
OSV-2022-888 Stack-buffer-overflow in gs_type2_interpret
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51275 Crash type: Stack-buffer-overflow READ 4 Crash state: gs_type2_interpret copied_type1_glyph_outline gs_default_glyph_info...
PT-2022-37275 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. Technical details include a crash state involving functions such as gs_type2_interpret, copie...
CVE-2022-33183. Stack buffer overflow in the “firmwaredownload” and “diagshow” commands.
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform a stack buffer overflow using the “firmwaredownload” and “diagshow” commands. Affected Product All Brocade Fabric OS versions...
SUSE: Security Advisory (SUSE-SU-2022:3229-1)
The remote host is missing an update for the...
OSV-2022-872 Stack-buffer-overflow in PfxEntry::test_condition
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51134 Crash type: Stack-buffer-overflow READ 1 Crash state: PfxEntry::test_condition PfxEntry::checkword AffixMgr::prefix_check...
PT-2022-37267 · Git +1 · Hunspell
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read, which occurs in the PfxEntry::test_condition function, called by PfxEntry::checkword and...
CVE-2022-36660
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify...
CVE-2022-36660
CVE-2022-36660 affects xhyve at commit dfbe09b, with a stack buffer overflow in the pci_vtrnd_notify() component. The advisory signals a high-severity impact (CVSS 3.1: 9.8) through network access, no user interaction, and high impact to confidentiality, integrity, and availability. A temporary m...