70 matches found
CLSA-2022-1657182572 Fixed CVEs in vim: CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720
CVE-2022-2125: add checking for NUL to avoid running over the end of line - CVE-2022-1720: do not include the NUL in the length to avoid reading past end of line with "gf" in Visual block mode - CVE-2022-2124: add checking for NUL to avoid running over the end of line - CVE-2022-2129: disallow...
CLSA-2022-1657182150 Fix CVE(s): CVE-2022-2129, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720
SECURITY UPDATE: Reading past end of line with "gf" in Visual block mode - debian/patches/CVE-2022-1720.patch: Do not include the NUL in the length - CVE-2022-1720 SECURITY UPDATE: Searching for quotes may go over the end of the line - debian/patches/CVE-2022-2124.patch: Check for running into th...
CVE-2022-33915
Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or...
CVE-2022-1942
An out-of-bounds write vulnerability was found in Vim's vimregsubboth function in the src/regexp.c file. The flaw can open a command-line window from a substitute expression when a text or buffer is locked. This flaw allows an attacker to trick a user into opening a specially crafted file,...
CLSA-2022-1654529495 Fixed CVEs in vim: CVE-2022-1785, CVE-2022-1796
CVE-2022-1785: fix out-of-bounds write by disallowing changing window in substitute expression - CVE-2022-1796: fix use after free by making a copy of a line...
CLSA-2022-1654525751 Fix CVE(s): CVE-2022-1796, CVE-2022-1785
SECURITY UPDATE: Memory access error when substitute expression changes window - debian/patches/CVE-2022-1785.patch: Disallow changing window in substitute expression - CVE-2022-1785 SECURITY UPDATE: Accessing freed memory when line is flushed - debian/patches/CVE-2022-1796.patch: Make a copy of...
CLSA-2022-1654525460 Fixed CVEs in vim: CVE-2022-1785, CVE-2022-1796
CVE-2022-1785: fix out-of-bounds write by disallowing changing window in substitute expression - CVE-2022-1796: fix use after free by making a copy of a line...
Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443
CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'...
CVE-2021-44886
In Zammad 5.0.2, agents can configure "out of office" periods and substitute persons. If the substitute persons didn't have the same permissions as the original agent, they could receive ticket notifications for tickets that they have no access to...
Design/Logic Flaw
In Zammad 5.0.2, agents can configure "out of office" periods and substitute persons. If the substitute persons didn't have the same permissions as the original agent, they could receive ticket notifications for tickets that they have no access to...
PT-2022-12252 · Zammad · Zammad
Name of the Vulnerable Software and Affected Versions: Zammad version 5.0.2 Description: The issue allows agents to configure "out of office" periods and substitute persons. If the substitute persons do not have the same permissions as the original agent, they could receive ticket notifications f...
OSV-2022-108 Heap-buffer-overflow in void apply_string<GSUBProxy>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44212 Crash type: Heap-buffer-overflow READ 2 Crash state: void applystring void hbotmapt::apply hbotmapt::substitute...
The vulnerability of the SubstituteString() function in the MagickCore/string.c component of the ImageMagick console graphics editor allows a malicious actor to cause a service failure by exploiting integer overflow.
The vulnerability of the SubstituteString function in the MagickCore/string.c component of the ImageMagick console graphics editor is related to the lack of checking for the replaceextent parameter when it takes a zero value. Exploiting this vulnerability allows an attacker to cause a service...
CVE-2020-27770
Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...
UBUNTU-CVE-2020-27770
Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...
PT-2019-5838 · Imagemagick +5 · Imagemagick +5
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.8-68 Description: The issue is related to a missing check for a 0 value of replace extent in the SubstituteString function, which can cause an offset p to overflow. This could be triggered by a crafted input...
The vulnerability of the “Blockhost – Network K” information protection software lies in the lack of checks for the integrity of uploaded libraries, allowing a perpetrator to execute arbitrary code.
The vulnerability of the “Blockhost – Network K” information protection software is related to the lack of checks for the integrity of the libraries being loaded. Exploiting this vulnerability allows a malicious actor, operating locally, to execute arbitrary code with privileges of...
The vulnerability of the enterprise resource management system Galaktika ERP lies in the lack of access control for the GalSrv directory, allowing an intruder to execute arbitrary codes.
The vulnerability of the Galaktika ERP resource management system is related to deficiencies in access control for the GalSrv directory, which is used in a two-tier system architecture. Exploiting this vulnerability allows an attacker with privileges as USERS to execute arbitrary code by placing...
Unspecified Vulnerability in Twitter Kit for iOS Login with Twitter Component
Twitter Kit for iOS is a set of open source native development kits for seamless interaction with Twitter on the iOS platform. login with Twitter component is one of the login components. A security vulnerability exists in the Login with Twitter component in Twitter Kit for iOS versions 3.0 throu...
CVE-2016-3162
The File module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allows remote authenticated users to bypass access restrictions and read, delete, or substitute a link to a file uploaded to an unprocessed form by leveraging permission to create content or comment and upload files...