Total
7206 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1720 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. | ||||
| CVE-2022-1622 | 4 Apple, Fedoraproject, Libtiff and 1 more | 7 Iphone Os, Macos, Tvos and 4 more | 2024-08-03 | 5.5 Medium |
| LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | ||||
| CVE-2022-1623 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-08-03 | 5.5 Medium |
| LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | ||||
| CVE-2022-1587 | 4 Fedoraproject, Netapp, Pcre and 1 more | 17 Fedora, Active Iq Unified Manager, H300s and 14 more | 2024-08-03 | 9.1 Critical |
| An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. | ||||
| CVE-2022-1586 | 4 Fedoraproject, Netapp, Pcre and 1 more | 17 Fedora, Active Iq Unified Manager, H300s and 14 more | 2024-08-03 | 9.1 Critical |
| An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. | ||||
| CVE-2022-1533 | 1 Libmobi Project | 1 Libmobi | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. This vulnerability is capable of arbitrary code execution. | ||||
| CVE-2022-1534 | 1 Libmobi Project | 1 Libmobi | 2024-08-03 | 7.1 High |
| Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | ||||
| CVE-2022-1508 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 6.1 Medium |
| An out-of-bounds read flaw was found in the Linux kernel’s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds. | ||||
| CVE-2022-1420 | 4 Apple, Fedoraproject, Redhat and 1 more | 4 Macos, Fedora, Enterprise Linux and 1 more | 2024-08-03 | 5.5 Medium |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. | ||||
| CVE-2022-1452 | 1 Radare | 1 Radare2 | 2024-08-03 | 7.1 High |
| Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). | ||||
| CVE-2022-1451 | 1 Radare | 1 Radare2 | 2024-08-03 | 7.1 High |
| Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). | ||||
| CVE-2022-1354 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-08-03 | 5.5 Medium |
| A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. | ||||
| CVE-2022-1441 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-08-03 | 7.8 High |
| MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow. | ||||
| CVE-2022-1427 | 1 Mruby | 1 Mruby | 2024-08-03 | 7.8 High |
| Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited. | ||||
| CVE-2022-1296 | 1 Radare | 1 Radare2 | 2024-08-02 | 9.1 Critical |
| Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash. | ||||
| CVE-2022-1276 | 1 Mruby | 1 Mruby | 2024-08-02 | 9.8 Critical |
| Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited. | ||||
| CVE-2022-1297 | 1 Radare | 1 Radare2 | 2024-08-02 | 9.1 Critical |
| Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash. | ||||
| CVE-2022-1207 | 1 Radare | 1 Radare2 | 2024-08-02 | 6.6 Medium |
| Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary. | ||||
| CVE-2022-1056 | 2 Libtiff, Netapp | 2 Libtiff, Active Iq Unified Manager | 2024-08-02 | 5.5 Medium |
| Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd. | ||||
| CVE-2022-1069 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2024-08-02 | 7.5 High |
| A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. | ||||