SB2023022347 - Multiple vulnerabilities in Dell Cloud Tiering Appliance
Published: February 23, 2023 Updated: June 7, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 189 secuirty vulnerabilities.
1) Out-of-bounds write (CVE-ID: CVE-2022-1785)
The vulnerability allows a remote attacker to execute arbitrary code
The vulnerability exists due to a boundary error when processing untrusted input in vim_regsub_both() function. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
2) Out-of-bounds write (CVE-ID: CVE-2022-1381)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
3) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2022-1420)
The vulnerability allows a remote attacker to cause a denial of service on the target application.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a use of out-of-range pointer offset and crash the application.
4) Heap-based buffer overflow (CVE-ID: CVE-2022-1616)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
5) Heap-based buffer overflow (CVE-ID: CVE-2022-1619)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing data in the cmdline_erase_chars() function in ex_getln.c. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
6) NULL pointer dereference (CVE-ID: CVE-2022-1620)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the vim_regexec_string() function in regexp.c. A remote attacker can trick the victim to open a specially crafted file, trigger NULL pointer dereference error and crash the application.
7) Out-of-bounds read (CVE-ID: CVE-2022-1720)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in normal.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
8) Heap-based buffer overflow (CVE-ID: CVE-2022-1733)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in skip_string() function. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
9) Buffer overflow (CVE-ID: CVE-2022-1735)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in utfc_ptr2len() function. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
10) Stack-based buffer overflow (CVE-ID: CVE-2022-1771)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error when providing certain input. A remote attacker can trigger stack-based buffer overflow and perform a denial of service attack.
11) Use-after-free (CVE-ID: CVE-2022-1796)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
12) Use-after-free (CVE-ID: CVE-2022-0413)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when using freed memory when substitute with function call . A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
13) Out-of-bounds read (CVE-ID: CVE-2022-1851)
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to illegal memory access and leads to an out-of-bounds read vulnerability in the gchar_cursor() function. A local attacker can trick the victim into opening a specially crafted file, leading to a system crash or code execution.
14) Out-of-bounds write (CVE-ID: CVE-2022-1897)
The vulnerability allows a local attacker to execute arbitrary code on the system.
The vulnerability exists due to Illegal memory access and leads to an out-of-bounds write vulnerability in the vim_regsub_both() function. A local attacker can trick the victim into opening a specially crafted file, leading to a system crash or code execution.
15) Use-after-free (CVE-ID: CVE-2022-1898)
The vulnerability allows a local attacker to execute arbitrary code on the system.
The vulnerability exists due to Illegal memory access and leads to a use-after-free vulnerability in the find_pattern_in_path() function. A local attacker can trick the victim into opening a specially crafted file, leading to a system crash or code execution.
16) Out-of-bounds read (CVE-ID: CVE-2022-1927)
The vulnerability allows a local attacker to execute arbitrary code on the system.
The vulnerability exists due to Illegal memory access and leads to a buffer over-read vulnerability in the utf_ptr2char() function. A local attacker can trick the victim into opening a specially crafted file, trigger out-of-bounds read error and execute arbitrary code on the system.
17) Use-after-free (CVE-ID: CVE-2022-1968)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in search.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
18) Out-of-bounds read (CVE-ID: CVE-2022-2124)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in textobject.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
19) Heap-based buffer overflow (CVE-ID: CVE-2022-2125)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in indent.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
20) Out-of-bounds read (CVE-ID: CVE-2022-2126)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in spellsuggest.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
21) Out-of-bounds write (CVE-ID: CVE-2022-2129)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in ex_docmd.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
22) NULL pointer dereference (CVE-ID: CVE-2022-0696)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in Vim when switching tabpage while in the cmdline window. A remote attacker can perform a denial of service (DoS) attack.
23) Heap-based buffer overflow (CVE-ID: CVE-2022-0407)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
24) Heap-based buffer overflow (CVE-ID: CVE-2022-2182)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ex_docmd.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
25) Use-after-free (CVE-ID: CVE-2021-4192)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
26) Use of Uninitialized Variable (CVE-ID: CVE-2021-3928)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to parsing uninitialized variable. A remote attacker can trick a victim to open a specially crafted file and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
27) Heap-based buffer overflow (CVE-ID: CVE-2021-3968)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
28) Heap-based buffer overflow (CVE-ID: CVE-2021-3973)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
29) Use-after-free (CVE-ID: CVE-2021-3974)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
30) Heap-based buffer overflow (CVE-ID: CVE-2021-3984)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
31) Out-of-bounds write (CVE-ID: CVE-2021-4019)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
32) Use-after-free (CVE-ID: CVE-2021-4069)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
33) Heap-based buffer overflow (CVE-ID: CVE-2021-4136)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
34) Out-of-bounds read (CVE-ID: CVE-2021-4166)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
35) Out-of-bounds read (CVE-ID: CVE-2021-4193)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
36) Heap-based buffer overflow (CVE-ID: CVE-2022-0392)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
37) NULL pointer dereference (CVE-ID: CVE-2021-46059)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the vim_regexec_multi() function in regexp.c in Vim. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.
38) Out-of-bounds read (CVE-ID: CVE-2022-0128)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
39) Heap-based buffer overflow (CVE-ID: CVE-2022-0213)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
40) Heap-based buffer overflow (CVE-ID: CVE-2022-0261)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
41) Heap-based buffer overflow (CVE-ID: CVE-2022-0318)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
42) Out-of-bounds read (CVE-ID: CVE-2022-0319)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
43) Buffer overflow (CVE-ID: CVE-2022-0351)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
44) Heap-based buffer overflow (CVE-ID: CVE-2022-0359)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
45) Heap-based buffer overflow (CVE-ID: CVE-2022-0361)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when copying lines in Visual mode. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
46) Out-of-bounds read (CVE-ID: CVE-2022-2175)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ex_getln.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
47) Out-of-bounds read (CVE-ID: CVE-2022-2183)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in indent.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
48) Heap-based buffer overflow (CVE-ID: CVE-2021-3903)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
49) Use-after-free (CVE-ID: CVE-2022-3099)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the do_cmdline() function in vim/src/ex_docmd.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
50) Use-after-free (CVE-ID: CVE-2022-2862)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in vim9compile.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
51) NULL pointer dereference (CVE-ID: CVE-2022-2874)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in vim9compile.c. A remote attacker can trick the victim top open a specially crafted file and crash the application.
52) Use-after-free (CVE-ID: CVE-2022-2889)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the find_var_also_in_script() function in evalvars.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
53) NULL pointer dereference (CVE-ID: CVE-2022-2923)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the sug_filltree() function in spellfile.c. A remote attacker can perform a denial of service (DoS) attack.
54) Use-after-free (CVE-ID: CVE-2022-2946)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the vim_vsnprintf_typval() function in strings.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
55) NULL pointer dereference (CVE-ID: CVE-2022-2980)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the do_mouse() function in mouse.c. A remote attacker can perform a denial of service (DoS) attack.
56) Use-after-free (CVE-ID: CVE-2022-2982)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the qf_fill_buffer() function in quickfix.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
57) Use-after-free (CVE-ID: CVE-2022-3016)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the get_next_valid_entry() function in quickfix.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
58) Use-after-free (CVE-ID: CVE-2022-3037)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the qf_buf_add_line() function. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
59) Use-after-free (CVE-ID: CVE-2022-3134)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing files within the do_tag() function in vim/src/tag.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
60) Out-of-bounds read (CVE-ID: CVE-2022-2845)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within edit.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
61) NULL pointer dereference (CVE-ID: CVE-2022-3153)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the vim_regcomp() function in regexp.c. A remote attacker can perform a denial of service (DoS) attack.
62) Heap-based buffer overflow (CVE-ID: CVE-2022-3234)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the utfc_ptr2len() function at mbyte.c. A remote attacker can trick the victim to open a specially crafted fule, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
63) Use-after-free (CVE-ID: CVE-2022-3235)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the getcmdline_int() function in ex_getln.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
64) NULL pointer dereference (CVE-ID: CVE-2022-3278)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in eval.c. A remote attacker can perform a denial of service (DoS) attack.
65) Buffer overflow (CVE-ID: CVE-2022-3296)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files within the ex_finally() function in ex_eval.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
66) Use-after-free (CVE-ID: CVE-2022-3297)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the process_next_cpt_value() function in insexpand.c when processing files. A remote attacker can trick the victim to open a specially crafted flie, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
67) Stack-based buffer overflow (CVE-ID: CVE-2022-3324)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when handling files within the win_redr_ruler(0 function in drawscreen.c. A remote attacker can trick the victim to open a specially crafted file, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
68) Use-after-free (CVE-ID: CVE-2022-3352)
The vulnerability allows a remote attacker to compromise vulnerable system.
The
vulnerability exists due to a use-after-free error when handling files
within the did_set_string_option() function in optionstr.c. A remote attacker
can trick the victim to open a specially crafted file, trigger a
use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
69) Use-after-free (CVE-ID: CVE-2022-3705)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling files within the qf_update_buffer() function in quickfix.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
70) Heap-based buffer overflow (CVE-ID: CVE-2022-2849)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in mbyte.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
71) Heap-based buffer overflow (CVE-ID: CVE-2022-2819)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in vim9cmds.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
72) Out-of-bounds read (CVE-ID: CVE-2022-2206)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in term.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
73) Out-of-bounds read (CVE-ID: CVE-2022-2287)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in suggest_trie_walk() function abusing array byts in line spellsuggest.c:1925. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
74) Heap-based buffer overflow (CVE-ID: CVE-2022-2207)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in edit.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
75) NULL pointer dereference (CVE-ID: CVE-2022-2208)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in diff.c. A remote attacker can perform a denial of service (DoS) attack.
76) Out-of-bounds write (CVE-ID: CVE-2022-2210)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in diff.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
77) NULL pointer dereference (CVE-ID: CVE-2022-2231)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in skipwhite() function at charset.c:1428. A remote attacker can trick the victim into opening a specially crafted file to perform a denial of service (DoS) attack.
78) Out-of-bounds read (CVE-ID: CVE-2022-2257)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in msg_outtrans_special() function at message.c:1716. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
79) Heap-based buffer overflow (CVE-ID: CVE-2022-2264)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim into opening a specially crafted data, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
80) Heap-based buffer overflow (CVE-ID: CVE-2022-2284)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in utfc_ptr2len() function at mbyte.c:2113. A remote attacker can trick the victim into opening a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
81) Integer overflow (CVE-ID: CVE-2022-2285)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in del_typebuf() function at getchar.c:1204. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
82) Out-of-bounds read (CVE-ID: CVE-2022-2286)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ins_bytes() function at change.c:968. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
83) Stack-based buffer overflow (CVE-ID: CVE-2022-2304)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in spell_dump_compl() function at spell.c:4038. A remote unauthenticated attacker can trick the victim into opening a specially crafted file to trigger stack-based buffer overflow and execute arbitrary code on the target system.
84) Use-after-free (CVE-ID: CVE-2022-2817)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing files in testing.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
85) Heap-based buffer overflow (CVE-ID: CVE-2022-2343)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ins_compl_add() function at insexpand.c:751. A remote attacker can trick the victim into opening a specially crafted data, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
86) Heap-based buffer overflow (CVE-ID: CVE-2022-2344)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ins_compl_add() function at insexpand.c:751. A remote attacker can trick the victim into opening a specially crafted data, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
87) Use-after-free (CVE-ID: CVE-2022-2345)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in function skipwhite at charset.c:1428. A remote attacker can trick the victim to open a specially crafted file and compromise vulnerable system.
88) Heap-based buffer overflow (CVE-ID: CVE-2022-2522)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the ins_compl_infercase_gettext() function in insexpand.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
89) Heap-based buffer overflow (CVE-ID: CVE-2022-2571)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the vim_iswordp_buf() function in insexpand.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
90) Heap-based buffer overflow (CVE-ID: CVE-2022-2580)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the eval_string() function in typval.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
91) Out-of-bounds read (CVE-ID: CVE-2022-2581)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition within the utf_ptr2char() function in regexp.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and crash the application.
92) Heap-based buffer overflow (CVE-ID: CVE-2022-2598)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the diff_write_buffer() function in diff.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and crash the application.
93) Out-of-bounds read (CVE-ID: CVE-2022-2816)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the check_vim9_unlet() function in vim9cmds.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
94) Heap-based buffer overflow (CVE-ID: CVE-2021-3927)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
95) Heap-based buffer overflow (CVE-ID: CVE-2021-3875)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
96) Input validation error (CVE-ID: CVE-2019-1010204)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the improper processing of Executable Linkable Format (ELF) files with invalid "e_shoff" header fields in the "gold/fileread.cc:497" and "elfcpp/elfcpp_file.h:644" files. A remote attacker can trick a victim to open a specially crafted ELF file, cause an out-of-bounds read condition and perform a denial of service attack on the target system.
97) Use-after-free (CVE-ID: CVE-2022-3586)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in the way the sch_sfb enqueue function used the socket buffer (SKB) cb
field after the same SKB had been enqueued (and freed) into a child
qdisc. A local user can perform a denial of service (DoS) attack.
98) Out-of-bounds write (CVE-ID: CVE-2022-2964)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
99) Resource management error (CVE-ID: CVE-2022-3169)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in Linux kernel when handling a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver. A local user can force the a PCIe link to disconnect.
100) Use-after-free (CVE-ID: CVE-2022-3424)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gru_set_context_option(), gru_fault() and gru_handle_user_call_os() functions in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
101) Race condition (CVE-ID: CVE-2022-3521)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the kcm_tx_work() function in net/kcm/kcmsock.c in Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
102) Memory leak (CVE-ID: CVE-2022-3524)
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak within the ipv6_renew_options() function when retrieving a new IPv6 address from a malicious DHCP server. A remote attacker can force the system to leak memory and perform denial of service attack.
103) Memory leak (CVE-ID: CVE-2022-3542)
The vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the bnx2x_tpa_stop() function in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c. A local user can force the system to leak memory and perform denial of service attack.
104) Buffer overflow (CVE-ID: CVE-2022-3545)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the area_cache_get() function in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
105) Buffer overflow (CVE-ID: CVE-2022-3565)
The vulnerability allows an attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the del_timer() function in drivers/isdn/mISDN/l1oip_core.c in the Bluetooth component. An attacker with physical proximity to device can trigger memory corruption and execute arbitrary code on the target system.
106) Race condition (CVE-ID: CVE-2022-3567)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the inet6_stream_ops() and inet6_dgram_ops() functions. A local user can exploit the race and escalate privileges on the system.
107) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2022-3594)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the intr_callback() function in drivers/net/usb/r8152.c can be forced to include excessive data info the log files. A local user can read the log files and gain access to sensitive data.
Note, the vulnerability can be triggered remotely.
108) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2022-28693)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to unprotected alternative channel of return branch target prediction. A local user can gain access to sensitive information.
109) NULL pointer dereference (CVE-ID: CVE-2022-3621)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the nilfs2 filesystem driver within the nilfs_bmap_lookup_at_level() function in fs/nilfs2/inode.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image and perform a denial of service (DoS) attack.
110) Buffer overflow (CVE-ID: CVE-2022-3628)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the brcmf_fweh_event_worker() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c. A local user can use a specially crafted device to trigger memory corruption and escalate privileges on the system.
111) Memory leak (CVE-ID: CVE-2022-3629)
The vulnerability allows a local user to perform DoS attack.
The vulnerability exists due memory leak within the vsock_connect() function in net/vmw_vsock/af_vsock.c in Linux kernel IPSec implementation. A local user can force the system to leak memory and perform denial of service attack.
112) Use-after-free (CVE-ID: CVE-2022-3635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the drivers/atm/idt77252.c in IPsec component of Linux kernel. A local user can trigger a use-after-free error and crash the kernel.
113) Input validation error (CVE-ID: CVE-2022-3643)
The vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of network packets. An attacker with access to the guest OS can trigger the related physical NIC on the host to reset, abort, or crash by sending certain kinds of packets.
114) NULL pointer dereference (CVE-ID: CVE-2022-3646)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the nilfs2 filesystem driver within the nilfs_attach_log_writer() function in fs/nilfs2/segment.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image and perform a denial of service (DoS) attack.
115) Use-after-free (CVE-ID: CVE-2022-3649)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the nilfs2 filesystem driver in nilfs_new_inode() function in fs/nilfs2/inode.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
116) Resource management error (CVE-ID: CVE-2022-3903)
The vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an incorrect read request flaw in the Infrared Transceiver USB driver in Linux kernel. An attacker with physical access to the system can starve system resources and perform a denial of service (DoS) attack.
117) Use-after-free (CVE-ID: CVE-2022-40307)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the drivers/firmware/efi/capsule-loader.c in Linux kernel. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.
118) Memory leak (CVE-ID: CVE-2022-28748)
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due memory leak when working with ax88179_178a devices. An attacker with physical access to the system can inject a malicious USB-drive and remotely obtain data from kernel memory.
119) NULL pointer dereference (CVE-ID: CVE-2022-2153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel’s KVM when attempting to set a SynIC IRQ. A local user on the host can issue specific ioctl calls, causing a denial of service.
120) Double Free (CVE-ID: CVE-2022-4095)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the cmd_hdl_filter() function in drivers/staging/rtl8712/rtl8712_cmd.c. A local user can trigger a double free error and execute arbitrary code with escalated privileges.
121) Out-of-bounds read (CVE-ID: CVE-2022-42011)
The vulnerability allows a local user to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error caused by an invalid array of fixed-length elements where the length of the array is not a multiple of the length of the element. A local user can trigger an out-of-bounds read and gain access to sensitive information.
122) Uncontrolled Recursion (CVE-ID: CVE-2021-3530)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled recursion within the demangle_path() function in rust-demangle.c in GNU libiberty. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
123) Buffer overflow (CVE-ID: CVE-2021-3826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the dlang_lname() function in d-demangle.c in libiberty. A local user can perform a denial of service (DoS) attack via a crafted mangled symbol.
124) Out-of-bounds write (CVE-ID: CVE-2021-45078)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a boundary error in stab_xcoff_builtin_type() function in stabs.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
Note, the vulnerability exists due to incorrect patch for #VU13471 (CVE-2018-12699).
125) Uncontrolled Recursion (CVE-ID: CVE-2021-46195)
The vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled recursion in the libiberty/rust-demangle.c component. An attacker with ability to pass specially crafted input to the GCC application can consume excessive CPU and memory resources and perform a denial of service (DoS) attack.
126) Resource exhaustion (CVE-ID: CVE-2022-27943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within demangle_const in libiberty/rust-demangle.c. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
127) Heap-based buffer overflow (CVE-ID: CVE-2022-38533)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the bfd_getl32() function. A remote attacker can trick the victim to process a specially crafted file, trigger a heap-based buffer overflow and crash the application.
128) Expected behavior violation (CVE-ID: CVE-2022-32221)
The vulnerability allows a remote attacker to force unexpected application behavior.
The vulnerability exists due to a logic error for a reused handle when processing subsequent HTTP PUT and POST requests. The libcurl can erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request, which used that callback. As a result, such behavior can influence application flow and force unpredictable outcome.
129) Input validation error (CVE-ID: CVE-2022-35252)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the way curl handles cookies with control codes (byte values below 32). When cookies that contain such control codes are later sent back to an
HTTP(S) server, it might make the server return a 400 response, effectively allowing a "sister site" to deny service to siblings.
130) Reachable Assertion (CVE-ID: CVE-2022-42010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion in debug builds caused by a syntactically invalid type signature with incorrectly nested parentheses and curly brackets. A local user can perform a denial of service (DoS) attack.
131) Use-after-free (CVE-ID: CVE-2022-42012)
The vulnerability allows a local user to escalate privileges on the system.
132) Improper access control (CVE-ID: CVE-2021-4037)
The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the fs/inode.c:inode_init_owner() function logic of the Linux kernel. A local user can create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set to bypass implemented security restrictions and gain unauthorized access to the application.
133) OS Command Injection (CVE-ID: CVE-2022-45939)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when processing name of a source-code file in lib-src/etags.c. A remote attacker can trick the victim to use the "ctags *" command and execute arbitrary OS commands on the target system in a situation where the current working directory has contents that depend on untrusted input.
134) UNIX symbolic link following (CVE-ID: CVE-2021-28153)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue, when g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
Successful exploitation of this vulnerability may result in privilege escalation.
135) Data Handling (CVE-ID: CVE-2015-8985)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
136) Out-of-bounds write (CVE-ID: CVE-2022-2601)
The vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to a boundary error within the grub_font_construct_glyph() function when handling pf2 font. An attacker with physical access to the affected system can trigger an out-of-bounds write and bypass secure boot restrictions.
137) Out-of-bounds write (CVE-ID: CVE-2022-3775)
The vulnerability allows an attacker to crash the system.
The vulnerability exists due to a boundary error when rendering certain unicode sequences in grub2 font code. An attacker with physical access to device can trigger an out-of-bounds write and perform a denial of service (DoS) attack.
138) Improper input validation (CVE-ID: CVE-2022-21619)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Security component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
139) Improper input validation (CVE-ID: CVE-2022-21624)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the JNDI component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
140) Improper input validation (CVE-ID: CVE-2022-21626)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Security component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
141) Improper input validation (CVE-ID: CVE-2022-21628)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Lightweight HTTP Server component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
142) Improper access control (CVE-ID: CVE-2022-40768)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in the drivers/scsi/stex.c in the Linux kernel. A local user can obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
143) Race condition (CVE-ID: CVE-2022-41848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition in the drivers/char/pcmcia/synclink_cs.c in the Linux kernel. An attacker with physical proximity to the affected system can remove a PCMCIA device while calling ioctl, cause a race condition between mgslpc_ioctl and mgslpc_detach and perform a denial of service (DoS) attack.
144) Heap-based buffer overflow (CVE-ID: CVE-2021-3872)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
145) Type conversion (CVE-ID: CVE-2020-10735)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion in algorithms with quadratic time complexity when using non-binary bases within the int() call. A remote attacker can pass specially crafted data to the affected application and perform a denial of service (DoS) attack.
146) NULL pointer dereference (CVE-ID: CVE-2022-0561)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFFetchStripThing() in tif_dirread.c. A remote attacker can trick victim to open specially crafted TIFF file and perform a denial of service (DoS) attack.
147) Double Free (CVE-ID: CVE-2022-2519)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the rotateImage() function in tiffcrop.c. A remote attacker can pass a specially crafted file to the application, trigger a double free and perform a denial of service (DoS) attack.148) Reachable Assertion (CVE-ID: CVE-2022-2520)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion within the rotateImage() function in tiffcrop.c. A remote attacker can pass a specially crafted file to the application, trigger assertion failure and perform a denial of service (DoS) attack.
149) Release of invalid pointer or reference (CVE-ID: CVE-2022-2521)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an invalid pointer free operation within the TIFFClose() function in tif_close.c. A remote attacker can pass a specially crafted file to the application and perform a denial of service (DoS) attack.150) Integer underflow (CVE-ID: CVE-2022-2867)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer underflow within the tiffcrop utility. A remote attacker can pass a specially crafted file to the affected application, trigger an integer underflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
151) Out-of-bounds read (CVE-ID: CVE-2022-2868)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the tiffcrop utility. A remote attacker can pass a specially crafted file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
152) Integer underflow (CVE-ID: CVE-2022-2869)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer underflow within the extractContigSamples8bits routine in the tiffcrop utility. A remote attacker can pass a specially crafted file to the affected application, trigger an integer underflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
153) Use of uninitialized resource (CVE-ID: CVE-2022-34266)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c when processing a malicious TIFF file. A remote attacker can trick the victim into opening a specially crafted TIFF file, trigger uninitialized usage of resources and perform a denial of service attack.
154) Stack-based buffer overflow (CVE-ID: CVE-2022-34526)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the _TIFFVGetField() function in Tiffsplit. A remote attacker can pass specially crafted file to the application, trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.
155) Out-of-bounds write (CVE-ID: CVE-2022-43995)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary condition within plugins/sudoers/auth/passwd.c when Sudo is configured to use the crypt() password backend (e.g. when passwd authentication is enabled). A local user with access to Sudo can enter a password of 8 characters or fewer to trigger a heap-based buffer over-read and gain access to sensitive information.
156) Out-of-bounds write (CVE-ID: CVE-2022-3627)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing TIFF images within the _TIFFmemcpy() function in libtiff/tif_unix.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
157) NULL pointer dereference (CVE-ID: CVE-2022-39028)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in telnetd daemon. A remote attacker can trigger NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8 and crash telnetd.
158) Untrusted search path (CVE-ID: CVE-2009-0316)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to untrusted search path in src/if_python.c in the Python interface in Vim. A local user can place a malicious python file in a directory and trick the victim to open a file in that directory.
159) Input validation error (CVE-ID: CVE-2016-1248)
The vulnerability allows a remote attacker to compromise the affected system.
im before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
160) Information disclosure (CVE-ID: CVE-2017-17087)
The vulnerability allows a local authenticated user to gain access to sensitive information.
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.
161) Integer overflow (CVE-ID: CVE-2017-5953)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
162) Integer overflow (CVE-ID: CVE-2017-6349)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
163) Integer overflow (CVE-ID: CVE-2017-6350)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow when reading undo files. A remote attacker can trick the victim to open a specially crafted undo file, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
164) Heap-based buffer overflow (CVE-ID: CVE-2021-3778)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
165) Use-after-free (CVE-ID: CVE-2021-3796)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
166) Integer overflow (CVE-ID: CVE-2022-3970)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the TIFFReadRGBATileExt() function in libtiff/tif_getimage.c. A remote attacker can trick the victim to open a specially crafted TIFF file, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
167) Out-of-bounds write (CVE-ID: CVE-2022-3626)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing TIFF images within the _TIFFmemset() function in libtiff/tif_unix.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
168) Race condition (CVE-ID: CVE-2022-41850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the roccat_report_event() function in drivers/hid/hid-roccat.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.
169) Integer overflow (CVE-ID: CVE-2022-45934)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the l2cap_config_req() function in net/bluetooth/l2cap_core.c in Linux kernel. A local user can pass specially crafted L2CAP_CONF_REQ packets to the device, trigger an integer overflow and execute arbitrary code with elevated privileges.
170) NULL pointer dereference (CVE-ID: CVE-2022-41858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the sl_tx_timeout() function in drivers/net/slip in Linux kernel. A local user can perform a denial of service (DoS) attack.
171) Resource management error (CVE-ID: CVE-2022-42328)
The vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources. An attacker with access to the guest OS can trigger deadlock in Linux netback driver and perform a denial of service (DoS) attack of the host via the paravirtualized network interface.
172) Resource management error (CVE-ID: CVE-2022-42329)
The vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources. An attacker with access to the guest OS can trigger deadlock in Linux netback driver and perform a denial of service (DoS) attack of the host via the paravirtualized network interface.
173) Use-after-free (CVE-ID: CVE-2022-42703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the mm/rmap.c in the Linux kernel, related to leaf anon_vma double reuse. A local user can trigger a use-after-free error and crash the kernel.
174) Access of Uninitialized Pointer (CVE-ID: CVE-2022-42895)
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to unauthorized access of uninitialized pointer within the l2cap_parse_conf_req() function in net/bluetooth/l2cap_core.c. An attacker with physical proximity to the affected device can gain access to sensitive information.
175) Use-after-free (CVE-ID: CVE-2022-42896)
The vulnerability allows an attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the l2cap_connect() and l2cap_le_connect_req() function in net/bluetooth/l2cap_core.c. An attacker with physical proximity to the affected device can trigger a use-after-free error and execute arbitrary code on the system.
176) Out-of-bounds write (CVE-ID: CVE-2022-43750)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
177) Stack-based buffer overflow (CVE-ID: CVE-2022-4378)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the __do_proc_dointvec() function. A local user can trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
178) Buffer overflow (CVE-ID: CVE-2022-43945)
The vulnerability allows a remote attacker to perform a denial of service attacl.
The vulnerability exists due to a boundary error within the Linux kernel NFSD implementation. A remote attacker can send the RPC message over TCP with garbage data added at the end of the message, trigger memory corruption and perform a denial of service (DoS) attack.
179) Improper Authorization (CVE-ID: CVE-2022-41974)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrectly implemented authorization process within multipathd daemon. A local unprivileged user can bypass build-in authorization and execute privileged commands on the system.
180) Out-of-bounds read (CVE-ID: CVE-2022-3599)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in the writeSingleSection() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
181) Integer overflow (CVE-ID: CVE-2022-42898)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow within the S4U2Proxy handler on 32-bit systems. A remote user can send specially crafted request to the KDC server, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
182) Use-after-free (CVE-ID: CVE-2022-43680)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
183) Integer overflow (CVE-ID: CVE-2022-3515)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the CRL parser in libksba. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
184) Out-of-bounds write (CVE-ID: CVE-2022-44638)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the rasterize_edges_8() function. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
185) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-1552)
The vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to incorrectly imposed security restrictions in Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck. A remote authenticated user with permission to create non-temp objects can execute arbitrary SQL functions under a superuser identity and escalate privileges within the application.
186) Open redirect (CVE-ID: CVE-2021-28861)
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data in lib/http/server.py due to missing protection against multiple (/) at the beginning of URI path. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
187) Resource exhaustion (CVE-ID: CVE-2022-45061)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of an unnecessary quadratic algorithm in one path when processing some inputs to the IDNA (RFC 3490) decoder. A remote attacker can pass a specially crafted name to he decoder, trigger resource excessive CPU consumption and perform a denial of service (DoS) attack.
188) Off-by-one (CVE-ID: CVE-2021-46848)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an ETYPE_OK off-by-one error in asn1_encode_simple_der in Libtasn1. A remote attacker can pass specially crafted data to the application, trigger an off-by-one error and perform a denial of service (DoS) attack.
189) Out-of-bounds write (CVE-ID: CVE-2022-3597)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing TIFF images within the _TIFFmemcpy() function in libtiff/tif_unix.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
Remediation
Install update from vendor's website.