3037 matches found
DEBIAN-CVE-2022-43598
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This...
DEBIAN-CVE-2022-43597
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This...
UBUNTU-CVE-2022-43598
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This...
UBUNTU-CVE-2022-43599
Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability...
UBUNTU-CVE-2022-43602
Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability...
UBUNTU-CVE-2022-43600
Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability...
UBUNTU-CVE-2022-43601
Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability...
OpenImageIO 安全漏洞
A code execution vulnerability exists in the OpenImageIO IFFOutput::close function, which is an image read/write library that also provides tools and applications. An attacker can use this vulnerability to cause a heap buffer overflow via a specially crafted ImageOutput object when the "xmax"...
incorrect message signer check in ecrecover() and no validation for oracleSigner which would cause all the unsigned messagess to be considered asvalid ones
Lines of code Vulnerability details Impact address oracleSigner has been used to verify signed messages by comparing the return value of ecrecover by oracleSigner. but the return value of ecrecover would be 0x0 and code doesn't check that return value is not 0x0. if owner set oracleSigner as 0x0 ...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...
PAX Technology A930 数据伪造问题漏洞
The PAX Technology A930 is an Android mobile payment terminal from China-based PAX Technology. The PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version suffers from a Data Forgery Issue vulnerability that originates from allowing a root-privileged attacker to install an unsigned...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...
SUSE-SU-2022:4259-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2022-3597: Fixed out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c bnc1204641. - CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in tools/tiffcrop.c bnc1204643. - CVE-2022-3626: Fixed out-of-bounds write in TIFFmemset in...
SUSE-SU-2022:4248-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2022-3597: Fixed out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c bnc1204641. - CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in tools/tiffcrop.c bnc1204643. - CVE-2022-3626: Fixed out-of-bounds write in TIFFmemset in...
PT-2022-36792 · Git +1 · Harfbuzz
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read crash has been reported, involving the OT::hb ot apply context t::skipping iterator t::next function and the OT::match input...
AlmaLinux 9 : grub2, mokutil, shim, and shim-unsigned-x64 (ALSA-2022:5099)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5099 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...
kernel: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit()
In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldevstatsetcounterdynamicdoit This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows...
Xen: Oxenstored 32->31 bit integer truncation issues (XSA-420)
Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most...