Security Vulnerabilities - CVEs Published In June 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-06-19
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-06-19
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-06-19
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-06-19
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
7.3
EPSS Score
0.002
Published
2022-06-19
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-06-19
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-06-19
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
7.3
EPSS Score
0.002
Published
2022-06-19
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-06-19
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-06-19