| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2. |
| A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact |
| Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. |
| Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. |
| libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service |
| Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types. |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. |
| A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. |
| NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4. |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. |
| A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2. |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. |
| Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. |
| Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c. |