CVE-2022-28069: Fix oobread in VAX disassembler (tests_64920) ##crash · radareorg/radare2@49b0ceb

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.

CVE-2021-32422: Improved robustness to fuzzed input (d317e406) · Commits · Dwight Aplevich / dpic · GitLab

dpic 2021.01.01 has a global buffer overflow in the yylex() function in main.c and reads out of the bound array.

CVE-2022-28073: Fix uaf crash in aaft (tests_64927) ##crash · radareorg/radare2@59a9dfb

A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.

CVE-2022-28071: Fix UAF in aaft (tests_64923) ##crash · radareorg/radare2@6544881

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.

CVE-2022-28070: Fix oobread crash in the analysis loop with corrupted ELFs (tests_649… · radareorg/radare2@4aff1bb

A null pointer dereference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

CVE-2022-34038: fix(pkg/ioutil):avoid panic in PageWriter.Write() when pageBytes is 0 by secsys-go · Pull Request #14022 · etcd-io/etcd

Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go.

CVE-2020-24295: FreeImage / Discussion / Developers: Four Vulnerabilities about Freeimage 3.19.0

Buffer overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via use of a crafted PSD file.

CVE-2020-22181

A reflected cross-site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi.