Total
2814 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0179 | 4 Canonical, Fedoraproject, Linux and 1 more | 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
| A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. | |||||
| CVE-2022-4398 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.8 HIGH |
| Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. | |||||
| CVE-2022-48837 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndis_set_response() If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow. | |||||
| CVE-2022-48336 | 1 Widevine | 1 Trusted Application | 2024-11-21 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48335 | 1 Widevine | 1 Trusted Application | 2024-11-21 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48334 | 1 Widevine | 1 Trusted Application | 2024-11-21 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48333 | 1 Widevine | 1 Trusted Application | 2024-11-21 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48332 | 1 Widevine | 1 Trusted Application | 2024-11-21 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48331 | 1 Widevine | 1 Trusted Application | 2024-11-21 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-47454 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-43608 | 1 Canon | 2 Mf644cdw, Mf644cdw Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16032. | |||||
| CVE-2022-42265 | 1 Nvidia | 6 Geforce, Gpu Display Driver, Nvs and 3 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure or data tampering. | |||||
| CVE-2022-42263 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2024-11-21 | N/A | 7.1 HIGH |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure. | |||||
| CVE-2022-42259 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service. | |||||
| CVE-2022-42258 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure. | |||||
| CVE-2022-42257 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service. | |||||
| CVE-2022-42256 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow in index validation may lead to denial of service, information disclosure, or data tampering. | |||||
| CVE-2022-41903 | 1 Git-scm | 1 Git | 2024-11-21 | N/A | 9.8 CRITICAL |
| Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`. | |||||
| CVE-2022-41409 | 1 Pcre | 1 Pcre2 | 2024-11-21 | N/A | 7.5 HIGH |
| Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input. | |||||
| CVE-2022-40983 | 1 Qt | 1 Qt | 2024-11-21 | N/A | 8.8 HIGH |
| An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability. | |||||