Showing 1 - 5 of 5

CVE-2022-2581

Status Candidate

Overview

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.

Ubuntu Security Notice USN-5995-1: Posted Apr 4, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5995-1 - It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2022-0413, CVE-2022-1733, CVE-2022-1735, CVE-2022-1851, CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2126, CVE-2022-2129, CVE-2022-2304, CVE-2022-2344, CVE-2022-2345, CVE-2022-2581, CVE-2022-2923; SHA-256 | 0b2cf4bccf6e67bffaafc2268298e79b5de7f683bf515ae19e83e4a234862099; Download | Favorite | View

Ubuntu Security Notice USN-5775-1: Posted Dec 12, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5775-1 - It was discovered that Vim uses freed memory in recursive substitution of specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. It was discovered that Vim could be made to crash when parsing invalid line numbers. An attacker could possibly use this to crash Vim and cause denial of service.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2022-2345, CVE-2022-2581, CVE-2022-3099, CVE-2022-3256, CVE-2022-3324, CVE-2022-3591; SHA-256 | 86a76a57dca961e715fa59af00dc3256a194ac2f855e321e3ac71a71ca7500f1; Download | Favorite | View

Transposh WordPress Translation 1.0.8.1 Remote Code Execution: Posted Jul 29, 2022; Authored by Julien Ahrens | Site rcesecurity.com; Transposh WordPress Translation versions 1.0.8.1 and below have a "save_transposh" action available at "/wp-admin/admin.php?page=tp_advanced" that does not properly validate the "Log file name" allowing an attacker with the "Administrator" role to specify a .php file as the log destination. Since the log file is stored directly within the "/wp-admin" directory, executing arbitrary PHP code is possible by simply sending a crafted request that gets logged.; tags | exploit, arbitrary, php; advisories | CVE-2022-25812; SHA-256 | 8347827a18239dee9d623ea317bc7751b1e867031f7d4bbe6349594f42f4006f; Download | Favorite | View

Transposh WordPress Translation 1.0.8.1 SQL Injection: Posted Jul 29, 2022; Authored by Julien Ahrens | Site rcesecurity.com; Transposh WordPress Translation versions 1.0.8.1 and below have a "tp_editor" page at "/wp-admin/admin.php?page=tp_editor" that is vulnerable to two authenticated, blind SQL injections when user-supplied input to the HTTP GET parameters "order" and "orderby" is processed by the web application.; tags | exploit, web, php, sql injection; advisories | CVE-2022-25811; SHA-256 | 6ffce07022d6d645854345ed70ea8823b6aaf618f4db874a0b2b20afa74331a3; Download | Favorite | View

Transposh WordPress Translation 1.0.8.1 Improper Authorization: Posted Jul 29, 2022; Authored by Julien Ahrens | Site rcesecurity.com; Transposh WordPress Translation versions 1.0.8.1 and below do not properly enforce authorization on functionalities available on the plugin's "Utilities" page leading to unauthorized access for all user roles, including "Subscriber".; tags | exploit; advisories | CVE-2022-25810; SHA-256 | af33faff2eac2d7e60b23a09b13a21e743b2acab343abb9a1ba1e8f3913a386d; Download | Favorite | View

Page 1 of 1 Back 1 Next