CVE-2022-23806
- EPSS 3.02%
- Veröffentlicht 11.02.2022 01:15:07
- Zuletzt bearbeitet 21.11.2024 06:49:17
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
CVE-2022-0554
- EPSS 1.61%
- Veröffentlicht 10.02.2022 22:15:07
- Zuletzt bearbeitet 21.11.2024 06:38:54
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.
CVE-2022-0529
- EPSS 2.42%
- Veröffentlicht 09.02.2022 23:15:16
- Zuletzt bearbeitet 21.11.2024 06:38:51
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code ex...
CVE-2022-0530
- EPSS 2.11%
- Veröffentlicht 09.02.2022 23:15:16
- Zuletzt bearbeitet 21.11.2024 06:38:51
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code ex...
CVE-2022-0534
- EPSS 0.94%
- Veröffentlicht 09.02.2022 23:15:16
- Zuletzt bearbeitet 21.11.2024 06:38:51
A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault).
CVE-2022-21712
- EPSS 1.38%
- Veröffentlicht 07.02.2022 22:15:08
- Zuletzt bearbeitet 25.11.2024 18:12:24
twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. Br...
CVE-2022-23614
- EPSS 8.21%
- Veröffentlicht 04.02.2022 23:15:15
- Zuletzt bearbeitet 21.11.2024 06:48:56
Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly...
CVE-2022-23946
- EPSS 1.74%
- Veröffentlicht 04.02.2022 23:15:15
- Zuletzt bearbeitet 21.11.2024 06:49:30
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An ...
CVE-2022-23947
- EPSS 1.46%
- Veröffentlicht 04.02.2022 23:15:15
- Zuletzt bearbeitet 21.11.2024 06:49:30
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An ...
CVE-2021-4043
- EPSS 4.62%
- Veröffentlicht 04.02.2022 23:15:12
- Zuletzt bearbeitet 21.11.2024 06:36:47
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0.