Total: 7228 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-23192 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-23191 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-23190 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-23130 | 2 Iconics, Mitsubishielectric | 3 Genesis64, Hyper Historian, Mc Works64 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01), ICONICS GENESIS64 versions 10.97 and prior and ICONICS Hyper Historian versions 10.97 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64 or MC Works64 and execute commands against the database from GENESIS64 or MC Works64. | |||||
CVE-2022-23124 | 2 Debian, Netatalk | 2 Debian Linux, Netatalk | 2024-11-21 | N/A | 9.8 CRITICAL |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_finderinfo method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15870. | |||||
CVE-2022-23123 | 2 Debian, Netatalk | 2 Debian Linux, Netatalk | 2024-11-21 | N/A | 9.8 CRITICAL |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830. | |||||
CVE-2022-23097 | 2 Debian, Intel | 2 Debian Linux, Connman | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read. | |||||
CVE-2022-23096 | 2 Debian, Intel | 2 Debian Linux, Connman | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read. | |||||
CVE-2022-22844 | 3 Debian, Libtiff, Netapp | 3 Debian Linux, Libtiff, Ontap Select Deploy Administration Utility | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. | |||||
CVE-2022-22816 | 2 Debian, Python | 2 Debian Linux, Pillow | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. | |||||
CVE-2022-22664 | 1 Apple | 3 Garageband, Logic Pro X, Macos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
CVE-2022-22627 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
CVE-2022-22626 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
CVE-2022-22625 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
CVE-2022-22611 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
CVE-2022-22608 | 1 Apple | 1 Xcode | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
CVE-2022-22607 | 1 Apple | 1 Xcode | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
CVE-2022-22606 | 1 Apple | 1 Xcode | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
CVE-2022-22605 | 1 Apple | 1 Xcode | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
CVE-2022-22604 | 1 Apple | 1 Xcode | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. |