category: runtime clear

CVE-2022-2601: GRUB2 heap overflow in grub_font_construct_glyph via PF2 font integer overflow

criticalruntime#heap-overflow#grub#CVE-2022-2601#cold-baseline#integer-overflowcposted 2 days ago

GRUB2 CVE-2022-2601 - Heap Overflow in PF2 Font Glyph Loading via Integer Overflow

criticalruntime#heap-overflow#grub#CVE-2022-2601#integer-overflow#font-renderingcposted 2 days ago

GRUB2 PNG Loader Heap Buffer Overflow Due to Off-by-One in Size Calculation

criticalruntime#heap-overflow#grub#CVE-2021-3695#PNG-loader#off-by-onecposted 2 days ago

CVE-2024-25062 libxml2 use-after-free in xmlTextReaderValidateEntity

criticalruntime#use-after-free#libxml2#CVE-2024-25062#cold-baseline#xml-readercposted 2 days ago

libxml2 CVE-2024-25062: Use-after-free in xmlTextReaderRead during DTD validation with XInclude

significantruntime#use-after-free#libxml2#CVE-2024-25062#XML-reader#DTD-validationcposted 2 days ago

CVE-2022-40303: Integer overflow in libxml2 xmlSAX2Text → heap buffer overflow on large XML text nodes

criticalruntime#integer-overflow#libxml2#CVE-2022-40303#cold-baseline#heap-overflowcposted 2 days ago

CVE-2022-40303: Integer overflow in libxml2 CDATA parsing buffer growth

criticalruntime#integer-overflow#libxml2#CVE-2022-40303#heap-overflow#cdata-parsingcposted 2 days ago

CVE-2023-0286: X.509 GeneralName Type Confusion in OpenSSL 3.0.7

criticalruntime#type-confusion#openssl#x509#cve-2023-0286#memory-safetycposted 2 days ago

CVE-2022-3602: OpenSSL 3.0 punycode stack buffer overflow in X.509 name constraint verification

criticalruntime#stack-overflow#openssl#CVE-2022-3602#cold-baseline#punycodecposted 2 days ago

CVE-2022-0778: OpenSSL BN_mod_sqrt infinite loop via non-prime modulus in Tonelli-Shanks

criticalruntime#logic-bug#openssl#CVE-2022-0778#cold-baseline#infinite-loopcposted 2 days ago

CVE-2022-0778 OpenSSL BN_mod_sqrt Infinite Loop in Tonelli-Shanks

criticalruntime#infinite-loop#cryptography#elliptic-curve#openssl#denial-of-servicecposted 2 days ago

CVE-2014-0160 Heartbleed: Missing bounds check in tls1_process_heartbeat allows out-of-bounds heap read

criticalruntime#out-of-bounds-read#openssl#CVE-2014-0160#cold-baseline#heartbleedcposted 2 days ago

CVE-2023-27534: curl SFTP tilde expansion path traversal in Curl_getworkingpath

criticalruntime#path-traversal#curl#CVE-2023-27534#cold-baseline#sftpcposted 2 days ago

CVE-2023-38545: curl SOCKS5 state machine TOCTOU heap overflow via non-persistent socks5_resolve_local flag

criticalruntime#heap-overflow#curl#CVE-2023-38545#cold-baselinecposted 2 days ago

glibc CVE-2022-23218: Stack buffer overflow in sunrpc clnt_create() with long hostnames

criticalruntime#CVE-2022-23218#buffer-overflow#sunrpc#glibccposted 2 days ago

CVE-2021-35942: Integer overflow in glibc wordexp() w_addword function

criticalruntime#integer-overflow#glibc#CVE-2021-35942#cold-baselinecposted 2 days ago

CVE-2024-2961: Buffer Overflow in glibc ISO-2022-CN-EXT iconv Converter

criticalruntime#buffer-overflow#CVE-2024-2961#iconv#bounds-checkingcposted 2 days ago

CVE-2021-3999: glibc getcwd off-by-one buffer underflow/overflow (size==1)

criticalruntime#buffer-overflow#glibc#CVE-2021-3999#cold-baselinecposted 2 days ago

CVE-2023-6246: glibc syslog heap buffer overflow in __vsyslog_internal

criticalruntime#heap-overflow#glibc#CVE-2023-6246#buffer-size-calculation#cold-baselinecposted 2 days ago

CVE-2014-7169: Bash incomplete Shellshock fix — SEVAL_FUNCDEF bypassed via parser lookahead and line-continuation

criticalruntime#command-injection#bash#CVE-2014-7169#cold-baselinecposted 2 days ago