Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2022-28994: Small HTTP Server 3.06 Remote Buffer Overflow ≈ Packet Storm

Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request.

CVE
Open in Source
#vulnerability#windows#buffer_overflow
CVE-2022-1533: Buffer Over-read in libmobi

Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. This vulnerability is capable of arbitrary code execution.

CVE-2022-1484: Chromium: CVE-2022-1484 Heap buffer overflow in Web UI Settings

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.32 4/28/2022 101.0.4951.41

CVE-2022-1483: Chromium: CVE-2022-1483 Heap buffer overflow in WebGPU

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.32 4/28/2022 101.0.4951.41

CVE-2022-29869: mount.cifs: two bug fixes by ddiss · Pull Request #7 · piastry/cifs-utils

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

CVE-2022-28197: Security Bulletin: NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series (including Jetson TX2 NX) - April 2022

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult-to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.

CVE-2022-28193: Security Bulletin: NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series (including Jetson TX2 NX) - April 2022

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality.

CVE-2021-34587: VDE-2021-047 | CERT@VDE

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.

CVE-2021-34587: VDE-2021-047 | CERT@VDE

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.

CVE-2022-22323: IBM Security Identity Manager buffer overflow CVE-2022-22323 Vulnerability Report

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 218379.