Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-2816

Summary
Assigner-@huntrdev
Assigner Org ID-c09c270a-b464-47c1-9133-acb35b22c19a
Published At-15 Aug, 2022 | 00:00
Updated At-03 Aug, 2024 | 00:52
Rejected At-
Credits

Out-of-bounds Read in vim/vim

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–ĽCommon Vulnerabilities and Exposures (CVE)
cve.org
Assigner:@huntrdev
Assigner Org ID:c09c270a-b464-47c1-9133-acb35b22c19a
Published At:15 Aug, 2022 | 00:00
Updated At:03 Aug, 2024 | 00:52
Rejected At:
â–ĽCVE Numbering Authority (CNA)
Out-of-bounds Read in vim/vim

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.

Affected Products
Vendor
Vimvim
Product
vim/vim
Versions
Affected
  • From unspecified before 9.0.0212 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
N/A
https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/
vendor-advisory
https://security.gentoo.org/glsa/202305-16
vendor-advisory
Hyperlink: https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
Resource: N/A
Hyperlink: https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/
Resource:
vendor-advisory
Hyperlink: https://security.gentoo.org/glsa/202305-16
Resource:
vendor-advisory
â–ĽAuthorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
x_transferred
https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/
vendor-advisory
x_transferred
https://security.gentoo.org/glsa/202305-16
vendor-advisory
x_transferred
Hyperlink: https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
Resource:
x_transferred
Hyperlink: https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666
Resource:
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/
Resource:
vendor-advisory
x_transferred
Hyperlink: https://security.gentoo.org/glsa/202305-16
Resource:
vendor-advisory
x_transferred
Information is not available yet
â–ĽNational Vulnerability Database (NVD)
nvd.nist.gov
Source:security@huntr.dev
Published At:15 Aug, 2022 | 22:15
Updated At:07 Nov, 2023 | 03:46

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Vim
vim
>>vim>>Versions before 9.0.0212(exclusive)
cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>35
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarysecurity@huntr.dev
CWE ID: CWE-125
Type: Primary
Source: security@huntr.dev
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666security@huntr.dev
Patch
Third Party Advisory
https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58security@huntr.dev
Exploit
Patch
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/security@huntr.dev
N/A
https://security.gentoo.org/glsa/202305-16security@huntr.dev
N/A
Hyperlink: https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666
Source: security@huntr.dev
Resource:
Patch
Third Party Advisory
Hyperlink: https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
Source: security@huntr.dev
Resource:
Exploit
Patch
Third Party Advisory
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/
Source: security@huntr.dev
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/202305-16
Source: security@huntr.dev
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1489Records found
CVE-2022-39377
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7||HIGH
EPSS-1.19% / 78.87%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-03 Nov, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
sysstat Incorrect Buffer Size calculation on 32-bit systems results in RCE via buffer overflow

sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.

Action-Not Available
Vendor-sysstat_projectsysstatFedora ProjectDebian GNU/Linux
Product-fedoradebian_linuxsysstatsysstat
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2022-39832
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.75%
||
7 Day CHG~0.00%
Published-05 Sep, 2022 | 04:12
Updated-03 Aug, 2024 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Action-Not Available
Vendor-n/aGNUFedora Project
Product-fedorapsppn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38784
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.50%
||
7 Day CHG~0.00%
Published-30 Aug, 2022 | 02:58
Updated-17 Sep, 2024 | 03:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora Projectfreedesktop.org
Product-debian_linuxfedorapopplern/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-37048
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.52%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.

Action-Not Available
Vendor-n/aFedora ProjectBroadcom Inc.
Product-tcpreplayfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37047
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.52%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.

Action-Not Available
Vendor-n/aFedora ProjectBroadcom Inc.
Product-tcpreplayfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-26252
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.12%
||
7 Day CHG-0.00%
Published-24 Feb, 2022 | 00:00
Updated-03 Aug, 2024 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in pspdf_prepare_page(),in ps-pdf.cxx may lead to execute arbitrary code and denial of service.

Action-Not Available
Vendor-htmldoc_projectn/aRed Hat, Inc.Fedora Project
Product-htmldocenterprise_linuxfedorahtmldoc
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-4781
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.02% / 6.05%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 18:32
Updated-03 Nov, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.

Action-Not Available
Vendor-VimDebian GNU/LinuxApple Inc.
Product-macosdebian_linuxvimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2016-7163
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.51% / 66.27%
||
7 Day CHG~0.00%
Published-21 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

Action-Not Available
Vendor-uclouvainn/aRed Hat, Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusfedoraenterprise_linux_desktopopenjpegenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-4733
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.3||HIGH
EPSS-0.04% / 10.40%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 13:47
Updated-13 Feb, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.1840.

Action-Not Available
Vendor-Fedora ProjectVimApple Inc.
Product-fedoramacosvimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2023-4751
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.42%
||
7 Day CHG~0.00%
Published-03 Sep, 2023 | 18:54
Updated-13 Feb, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.

Action-Not Available
Vendor-VimApple Inc.
Product-macosvimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37049
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.52%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942.

Action-Not Available
Vendor-n/aFedora ProjectBroadcom Inc.
Product-tcpreplayfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-6299
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.81%
||
7 Day CHG~0.00%
Published-14 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.

Action-Not Available
Vendor-mock_projectn/aFedora Project
Product-scm_pluginfedoran/a
CVE-2021-23177
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.63%
||
7 Day CHG~0.00%
Published-23 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectlibarchiveRed Hat, Inc.
Product-debian_linuxlibarchiveenterprise_linux_server_ausfedoraenterprise_linuxenterprise_linux_for_ibm_z_systemsenterprise_linux_eusenterprise_linux_for_power_little_endian_eusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_server_tusenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systems_euscodeready_linux_builderlibarchive
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-38223
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.46%
||
7 Day CHG~0.00%
Published-15 Aug, 2022 | 00:00
Updated-04 Nov, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.

Action-Not Available
Vendor-tatsn/aFedora Project
Product-fedoraw3mn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22204
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-6.8||MEDIUM
EPSS-92.86% / 99.77%
||
7 Day CHG~0.00%
Published-23 Apr, 2021 | 17:22
Updated-03 Nov, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-01||Apply updates per vendor instructions.

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

Action-Not Available
Vendor-exiftool_projectExifToolPerlDebian GNU/LinuxFedora Project
Product-fedoradebian_linuxexiftoolExifToolExiftool
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-36664
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-6.43% / 91.08%
||
7 Day CHG~0.00%
Published-25 Jun, 2023 | 00:00
Updated-05 Dec, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectArtifex Software Inc.
Product-debian_linuxfedoraghostscriptn/a
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2022-3591
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.43%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0789.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-3520
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.38%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3491
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-4||MEDIUM
EPSS-0.02% / 5.30%
||
7 Day CHG~0.00%
Published-03 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34318
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.52%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 17:16
Updated-27 Jun, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-buffer-overflow in src/hcom.c

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.SoX - Sound eXchange
Product-fedorasound_exchangeenterprise_linuxextra_packages_for_enterprise_linuxExtra Packages for Enterprise LinuxsoxRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3324
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-27 Sep, 2022 | 00:00
Updated-03 Nov, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in vim/vim

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.

Action-Not Available
Vendor-VimFedora ProjectDebian GNU/Linux
Product-fedoradebian_linuxvimvim/vim
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3352
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.99%
||
7 Day CHG~0.00%
Published-29 Sep, 2022 | 00:00
Updated-20 May, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0614.

Action-Not Available
Vendor-VimFedora ProjectDebian GNU/Linux
Product-vimdebian_linuxfedoravim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-3296
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.17%
||
7 Day CHG~0.00%
Published-25 Sep, 2022 | 00:00
Updated-22 May, 2025 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in vim/vim

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3235
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.21%
||
7 Day CHG~0.00%
Published-18 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0490.

Action-Not Available
Vendor-Fedora ProjectVimDebian GNU/Linux
Product-vimdebian_linuxfedoravim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-3234
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.91%
||
7 Day CHG~0.00%
Published-17 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.

Action-Not Available
Vendor-Fedora ProjectVimDebian GNU/Linux
Product-vimdebian_linuxfedoravim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3297
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.82%
||
7 Day CHG~0.00%
Published-25 Sep, 2022 | 00:00
Updated-21 May, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0579.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-3256
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-22 Sep, 2022 | 00:00
Updated-23 May, 2025 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0530.

Action-Not Available
Vendor-Fedora ProjectVimDebian GNU/Linux
Product-vimdebian_linuxfedoravim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-32546
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.43%
||
7 Day CHG+0.01%
Published-16 Jun, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora ProjectImageMagick Studio LLC
Product-extra_packages_for_enterprise_linuxenterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-32547
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.29%
||
7 Day CHG~0.00%
Published-16 Jun, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora ProjectImageMagick Studio LLC
Product-enterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2022-3099
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.81%
||
7 Day CHG~0.00%
Published-03 Sep, 2022 | 00:00
Updated-03 Nov, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0360.

Action-Not Available
Vendor-VimFedora ProjectDebian GNU/Linux
Product-fedoradebian_linuxvimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-3134
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.62%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 00:00
Updated-03 Nov, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0389.

Action-Not Available
Vendor-VimDebian GNU/Linux
Product-debian_linuxvimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-2946
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.80%
||
7 Day CHG~0.00%
Published-23 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0246.

Action-Not Available
Vendor-Fedora ProjectVimDebian GNU/Linux
Product-vimdebian_linuxfedoravim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-3037
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.20%
||
7 Day CHG~0.00%
Published-30 Aug, 2022 | 20:35
Updated-03 Aug, 2024 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0322.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-2982
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.6||HIGH
EPSS-0.06% / 19.75%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0260.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-3016
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.46%
||
7 Day CHG~0.00%
Published-28 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0286.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2018-5345
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.86% / 75.10%
||
7 Day CHG~0.00%
Published-12 Jan, 2018 | 00:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxThe GNOME ProjectFedora ProjectRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusgcabenterprise_linux_server_ausenterprise_linux_workstationfedoraenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-2862
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.6||HIGH
EPSS-0.11% / 29.54%
||
7 Day CHG~0.00%
Published-17 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0221.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-2889
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.71%
||
7 Day CHG~0.00%
Published-19 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0225.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-2819
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.81%
||
7 Day CHG~0.00%
Published-15 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-2817
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.34%
||
7 Day CHG~0.00%
Published-15 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0213.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2022-2849
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.28%
||
7 Day CHG~0.00%
Published-17 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 00:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-26981
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.37% / 58.70%
||
7 Day CHG~0.00%
Published-13 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).

Action-Not Available
Vendor-liblouisn/aFedora ProjectApple Inc.
Product-iphone_osliblouiswatchosipadostvosfedoramacosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-27470
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.97%
||
7 Day CHG~0.00%
Published-04 May, 2022 | 02:34
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.

Action-Not Available
Vendor-libsdln/aFedora Project
Product-sdl_ttffedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26126
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.98%
||
7 Day CHG~0.00%
Published-03 Mar, 2022 | 00:00
Updated-04 Nov, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.

Action-Not Available
Vendor-frroutingn/aFedora Project
Product-fedorafrroutingFRRouting
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-2571
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.83%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 14:12
Updated-03 Aug, 2024 | 00:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-2580
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.3||HIGH
EPSS-0.04% / 12.92%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 14:12
Updated-03 Aug, 2024 | 00:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-2522
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-25 Jul, 2022 | 00:00
Updated-03 Aug, 2024 | 00:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-23804
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.95% / 76.40%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-15 Apr, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-kicadn/aFedora ProjectDebian GNU/Linux
Product-edadebian_linuxfedoraKiCad
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23803
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-1.28% / 79.64%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-15 Apr, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-kicadn/aFedora ProjectDebian GNU/Linux
Product-edadebian_linuxfedoraKiCad
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23946
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.75% / 73.19%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:28
Updated-15 Apr, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-kicadn/aFedora ProjectDebian GNU/Linux
Product-debian_linuxfedorakicad_edaKiCad
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 29
  • 30
  • Next
Details not found