88 matches found
CVE-2022-35481
Technical details for CVE-2022-35481 are not publicly available in the provided documents. Monitor for updates from official sources; current connected EUVD entries describe unrelated malware in bioql PyPI and do not reveal affected product/version or remediation.
CVE-2022-35471
Technical details about CVE-2022-35471 are not provided in the supplied documents. No explicit impact, affected version specifics, or remediation are disclosed. Monitor for updates from official advisories.
CVE-2022-35450
Technical details about CVE-2022-35450 are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2022-35462
Technical details about CVE-2022-35462 are not publicly available in the provided documents. Monitor for updates and additional sources to assess impact, affected components, and remediation.
CVE-2022-33047
Technical details are not publicly available in the provided documents; no information on affected products, impact, or mitigations is included here. Monitor for updates.
CVE-2022-35475
Technical details for CVE-2022-35475 are not publicly available in the provided documents. The sources mention a heap-buffer overflow in otfccdump but do not provide affected versions, root cause specifics, exploit information, or a fix. Monitor for updates.
CVE-2022-35469
Technical details for CVE-2022-35469 are not publicly available in the provided documents; connected EUVD entries refer to unrelated PyPI bioql issues. Monitor for updates.
CVE-2022-35486
Technical details for CVE-2022-35486 are not publicly available in the provided documents. No information on affected versions, root cause, impact, or remediation is present. Monitor for updates.
CVE-2022-35472
Technical details for CVE-2022-35472 are not publicly provided in the connected documents; only the initial description notes a global overflow in OTFCC v0.10.4. Monitor for updates.
CVE-2022-35478
CVE-2022-35478 : OTFCC v0.10.4 contains a segmentation fault caused by /release-x64/otfccdump+0x6babea. The NVD metrics assign a CVSS v3.1 base score of 6.5 (Medium) with attack vector Network, attack complexity Low, no privileges required, user interaction required, and availability impact as Hi...
CVE-2022-35479
OTFCC v0.10.4 contains a segmentation fault in the binary release-x64/otfccdump+0x4fbbb6. CVE-2022-35479 has a CVSSv3.1 base score of 6.5 (Network attack, no privileges required, user interaction required, availability impact HIGH; confidentiality and integrity impact NONE). Exploitation status i...
CVE-2022-35484
Technical details about CVE-2022-35484 are not publicly provided in the supplied documents; no affected products or root cause are specified. Monitor for updates.
CVE-2022-35449
Technical details for CVE-2022-35449 are not publicly provided in the supplied documents. No affected product versions, root cause, or remediation are present here. Monitor for updates.
CVE-2022-35459
CVE-2022-35459 concerns OTFCC v0.10.4, where a heap-buffer overflow is triggered through /release-x64/otfccdump+0x6e412a. The initial description provides the affected component (OTFCC), the vulnerability class (heap-buffer overflow), and a likely impact of CPU/Availability (per CVSS: Availabilit...
CVE-2022-35460
CVE-2022-35460 : OTFCC v0.10.4 contains a heap-buffer overflow in the release-x64/otfccdump+0x61731f path. This may affect availability (per CVSS base metrics) but no concrete exploitation details or remediation are provided in the available documents.
CVE-2022-35473
Technical details for CVE-2022-35473 are not publicly available in the provided documents; no affected products, root cause, impact, or fixes are described beyond the segmentation fault note. Monitor for updates.
CVE-2022-35022
CVE-2022-35022 affects the OTFCC project (OpenType font tools) due to a segmentation fault in the otfccdump binary (commit 617837b) via /release-x64/otfccdump+0x6badae. Connected records confirm the issue as a segmentation violation with CVSSv3.1 base score 6.5 (Availability impact HIGH, no confi...
CVE-2022-35465
Technical details about CVE-2022-35465 are not publicly available in the provided documents. Monitor for updates.
CVE-2022-35470
Technical details about CVE-2022-35470, including affected products, vulnerable components, impact, and remediation, are not publicly provided in the supplied documents. Monitor for updates.
CVE-2022-35452
CVE-2022-35452 affects OTFCC v0.10.4, with a heap-buffer overflow in the release-x64/otfccdump+0x6b0b2c path. The provided data shows a NETWORK attack vector with low attack complexity, no privileges required, but user interaction is required and the impact is availability loss (CVE CVSS v3.1 bas...
CVE-2022-35464
Technical details about CVE-2022-35464 are not publicly available in the provided connected documents. Monitor for updates and rely on the CVE entry and vendor advisories for remediation.
CVE-2022-35466
No additional technical details are provided in the connected documents for CVE-2022-35466; the initial description mentions a heap-buffer overflow in otfccdump, but no vendor/product/version data or remediation is given.
CVE-2022-35482
Technical details for CVE-2022-35482 are not publicly provided in the supplied documents. No information on affected products, versions, or fixes is available here. Monitor for updates.
CVE-2022-35448
Technical details about CVE-2022-35448 are not provided in the connected documents. Monitor for updates.
CVE-2022-35458
Technical details (affected product, version, impact, exploit) are not publicly available in the provided Connected documents; monitor for updates.
CVE-2022-35474
In CVE-2022-35474, OTFCC v0.10.4 contains a heap-buffer overflow triggered through /release-x64/otfccdump+0x6b544e. The NVD entry lists a MEDIUM severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). No exploitation details or patches are provided in the connected documents; the exposed impact...
CVE-2022-35477
Technical details for CVE-2022-35477 are not publicly provided in the supplied documents; no affected product/version or remediation is listed here. Monitor for updates.
CVE-2022-35447
Technical details for CVE-2022-35447 are not publicly available in the provided documents. Monitor for updates.
CVE-2022-35463
CVE-2022-35463 : OTFCC v0.10.4 contains a heap-buffer overflow in the otfccdump path (+0x6b0478). Affected component: otfccdump within OTFCC. CVSSv3.1 metrics indicate Network attack, no privileges, user interaction required, with availability impact (HIGH) and overall base score 6.5 (MEDIUM). Ro...
CVE-2022-35467
Technical details for CVE-2022-35467 are not publicly available in the provided documents. Monitor for updates from primary sources to confirm affected components, impact, and fixes.
CVE-2022-35483
CVE-2022-35483 : OTFCC v0.10.4 contains a segmentation fault at /release-x64/otfccdump+0x5266a8, as described in the initial report. The CVSS vector indicates an external network attack surface with no privileges required, but user interaction is needed; the impact is confined to availability (HI...
CVE-2022-35030
CVE-2022-35030 concerns Caryll OTFCC, a C library for parsing OpenType fonts. The risk is due to a segmentation violation in otfccdump accessed via /release-x64/otfccdump+0x4fe954, as reported for OTFCC commit 617837b. Documented impact indicates a potential crash (availability impact) while netw...
CVE-2022-35031
CVE-2022-35031 concerns Caryll OTFCC. Affected component: the otfccdump tool (OTFCC commit 617837b) where a segmentation fault occurs at otfccdump+0x703969. This can crash the program, leading to a denial of service as indicated by multiple sources in the connected data. Exploitation is described...
CVE-2022-35485
Technical details about CVE-2022-35485 are not publicly available in the provided connected documents. Monitor for updates for affected software, impact, and remediation as additional information appears.
CVE-2022-35038
CVE-2022-35038 concerns Caryll OTFCC: a heap buffer overflow was found in otfccdump+0x6b064d within OTFCC. The root cause is a boundary error when handling untrusted input, leading to a potential program crash. Affected component is the OTFCC library/utility that parses OpenType font files; exact...
CVE-2022-35454
Technical details about CVE-2022-35454 are not provided in the connected documents. The initial entry mentions a heap-buffer overflow in OTFCC v0.10.4, but no affected versions, exploit info, or mitigations are included here.
CVE-2022-35455
Technical details for CVE-2022-35455 are not publicly provided in the supplied documents. The connected EUVD entries describe bioql issues and are not specific to this CVE. Monitor for updates.
CVE-2022-35461
CVE-2022-35461 affects OTFCC v0.10.4, with a heap-buffer overflow in otfccdump triggered at release-x64/otfccdump+0x6c0a32. Document notes indicate network-based access with user interaction required; impact is listed as Availability impact: HIGH, while Confidentiality and Integrity are unchanged...
CVE-2022-35068
CVE-2022-35068 affects the OTFCC project (a C library for parsing OpenType font files). The vulnerability is a heap buffer overflow in the /release-x64/otfccdump+0x6e420d path when handling untrusted input. This is documented across multiple sources (e.g., CVE entry and CNVD/OSV entries) without ...
CVE-2022-35453
Technical details for CVE-2022-35453 are not publicly available in the provided documents. Monitor for updates from Vulners and applicable advisories to obtain affected products, impact, and remediation.
CVE-2022-35456
Technical details about CVE-2022-35456 are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2022-35066
CVE-2022-35066 concerns the OTFCC library (OpenType font tooling). The issue is a heap buffer overflow in the release-x64/otfccdump binary, triggered by commit 617837b. This vulnerability is described across multiple sources as a heap overflow with an impact described as availability being affect...
CVE-2022-35070
OTFCC (OpenType font parsing/writing library) is affected by CVE-2022-35070 due to a heap buffer overflow in the release-x64/otfccdump binary, triggered by commit 617837b at otfccdump+0x65fc97. The vulnerability affects the OTFCC project as described in multiple sources; CVSS details included wit...
CVE-2022-35468
Technical details for CVE-2022-35468 are not provided in the connected documents. The initial description notes a heap-buffer overflow in OTFCC v0.10.4, but no further specifics (affected versions, CVSS, or remediation) are included here.
CVE-2022-35476
Technical details for CVE-2022-35476 are not provided in the connected documents. Based on available data, no affected products, vectors, or remediation are described here. Monitor for updates from official sources.
CVE-2022-35050
CVE-2022-35050: OTFCC commit 617837b contains a heap buffer overflow in the /release-x64/otfccdump+0x6b04de path. The vulnerability stems from a boundary error when handling untrusted input, potentially leading to a program crash (availability impact). Affected software is OTFCC (Caryll OpenType ...
CVE-2022-35056
Summary: CVE-2022-35056 affects the OTFCC library (Caryll open source) used to parse/write OpenType font files. The vulnerability is a heap buffer overflow caused by a boundary error in /release-x64/otfccdump+0x6b0478 when handling untrusted input. The issue can lead to a program crash. What’s in...
CVE-2022-35067
CVE-2022-35067 affects the OTFCC library/utility. A heap buffer overflow is introduced in commit 617837b via /release-x64/otfccdump+0x6e41b0, potentially causing a program crash. Documented CVSS v3.1 base score is 6.5 (Medium) with network attack vector and user interaction required. Connected so...
CVE-2022-35053
The CVE-2022-35053 entry describes a heap buffer overflow in OTFCC commit 617837b, exploitable via /release-x64/otfccdump+0x61731f. OTFCC is a Caryll open-source C library/toolset for parsing/writing OpenType font files. The vulnerability originates from a boundary condition when handling untrust...
CVE-2022-35024
CVE-2022-35024 affects OTFCC (OpenType font tooling library). A segmentation fault has been observed in commit 617837b when executing code paths involving /multiarch/memmove-vec-unaligned-erms.S. The available connected documents consistently cite a segmentation violation at that location as the ...