| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. |
| A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact |
| OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11. |
| OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4. |
| Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. |
| Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. |
| Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. |
| OS Command Injection in Packagist microweber/microweber prior to 1.2.11. |
| Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. |
| Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2. |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2. |
| A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. |
