CVE-2022-37052
A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
Source: CVE-2022-37052
[월:] 2023년 08월
CVE-2022-37051
CVE-2022-37051
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
Source: CVE-2022-37051
CVE-2022-37050
CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.
Source: CVE-2022-37050
CVE-2022-35206
CVE-2022-35206
Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c.
Source: CVE-2022-35206
CVE-2022-36648
CVE-2022-36648
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS.
Source: CVE-2022-36648
CVE-2022-34038
CVE-2022-34038
Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go
Source: CVE-2022-34038
CVE-2022-35205
CVE-2022-35205
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.
Source: CVE-2022-35205
CVE-2022-38349
CVE-2022-38349
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.
Source: CVE-2022-38349
CVE-2022-28070
CVE-2022-28070
A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.
Source: CVE-2022-28070
CVE-2022-28071
CVE-2022-28071
A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.
Source: CVE-2022-28071