| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. |
| The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. |
| The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and escaping in some of them, it could also lead to Stored XSS issues |
| The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it |
| A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. |
| A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. |
| Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2. |
| The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles |
| A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. |
| Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. |
