CVE-2022-0629
- EPSS 1.81%
- Veröffentlicht 17.02.2022 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:39:04
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2021-43299
- EPSS 2.51%
- Veröffentlicht 16.02.2022 21:15:07
- Zuletzt bearbeitet 04.11.2025 16:15:44
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
CVE-2021-43300
- EPSS 2.38%
- Veröffentlicht 16.02.2022 21:15:07
- Zuletzt bearbeitet 04.11.2025 16:15:44
Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
CVE-2021-43301
- EPSS 2.38%
- Veröffentlicht 16.02.2022 21:15:07
- Zuletzt bearbeitet 04.11.2025 16:15:44
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
CVE-2021-43302
- EPSS 2.2%
- Veröffentlicht 16.02.2022 21:15:07
- Zuletzt bearbeitet 04.11.2025 16:15:45
Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.
CVE-2021-43303
- EPSS 2.38%
- Veröffentlicht 16.02.2022 21:15:07
- Zuletzt bearbeitet 04.11.2025 16:15:45
Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' a...
CVE-2022-25258
- EPSS 0.93%
- Veröffentlicht 16.02.2022 20:15:07
- Zuletzt bearbeitet 21.11.2024 06:51:53
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function ...
CVE-2021-3560
- EPSS 22.19%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 06.11.2025 14:50:43
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new loc...
CVE-2021-3578
- EPSS 1.04%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:53
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. ...
CVE-2021-3752
- EPSS 1.74%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:20
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The...