Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2022-24048: ZDI-22-363

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191.

CVE
Open in Source
#sql#vulnerability#buffer_overflow#auth
CVE-2021-3657: security - CVE-2021-3657: multiple buffer overflows in isync/mbsync

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.

CVE-2021-43302

Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.

CVE-2021-3752: [PATCH 5.15 187/917] Bluetooth: fix use-after-free error in lock_sock_nested()

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CVE-2022-23803: TALOS-2022-1453 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2022-0572: Heap-based Buffer Overflow in vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

CVE-2021-44956: Heap-buffer-overflows in jfif_decode() at jfif.c:552:31 and 552:38 · Issue #43 · rockcarry/ffjpeg

Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.

CVE-2021-44957: global-buffer-overflow in function jfif_encode at jfif.c:708 · Issue #44 · rockcarry/ffjpeg

Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.

CVE-2021-41816

CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby.