| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data |
| Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. |
| Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. This issue affects: EZVIZ CS-CV248 versions prior to 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723. |
| GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client |
| The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. |
| Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. |
| The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. |
| The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it |
