CVSS: 3.7EPSS: 0%CPEs: 20EXPL: 0CVE-2023-22036 – OpenJDK: ZIP file parsing infinite loop (8302483)
https://notcve.org/view.php?id=CVE-2023-22036
18 Jul 2023 — Issues addressed include denial of service and integer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 3.1EPSS: 0%CPEs: 20EXPL: 0CVE-2023-22006 – OpenJDK: HTTP client insufficient file name validation (8302475)
https://notcve.org/view.php?id=CVE-2023-22006
18 Jul 2023 — Issues addressed include denial of service and integer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34119 – Ubuntu Security Notice USN-7189-1
https://notcve.org/view.php?id=CVE-2021-34119
18 Jul 2023 — It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. • https://github.com/michaelrsweet/htmldoc/commit/85fa76d77ed69927d24decf476e69bedc7691f48 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34121 – Ubuntu Security Notice USN-7189-1
https://notcve.org/view.php?id=CVE-2021-34121
18 Jul 2023 — It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. • https://github.com/michaelrsweet/htmldoc/commit/c67bbd8756f015e33e4ba639a40c7f9d8bd9e8ab • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33065 – libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS
https://notcve.org/view.php?id=CVE-2022-33065
18 Jul 2023 — Libsndfile is vulnerable to integer overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c allows an attacker to cause Denial of Service. • https://github.com/libsndfile/libsndfile/issues/789 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41409
https://notcve.org/view.php?id=CVE-2022-41409
18 Jul 2023 — Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input. • https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38403 – iperf3: memory allocation hazard and crash
https://notcve.org/view.php?id=CVE-2023-38403
17 Jul 2023 — iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. An integer overflow flaw was found in the way iperf3 dynamically allocates memory buffers for JSON-formatted messages. A remote attacker could send a specially crafted sequence of bytes on the iperf3 control channel with a specified JSON message length of 0xffffffff to trigger an integer overflow leading the receiving process to abort due to heap corruption. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38427 – Ubuntu Security Notice USN-6466-1
https://notcve.org/view.php?id=CVE-2023-38427
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 2CVE-2022-24834 – Heap overflow issue with the Lua cjson library used by Redis
https://notcve.org/view.php?id=CVE-2022-24834
13 Jul 2023 — An attacker could possibly use this issue to trigger an integer overflow, which might cause Redis to allocate impossible amounts of memory, resulting in a denial of service via an application crash. • https://github.com/convisolabs/CVE-2022-24834 • CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21241
https://notcve.org/view.php?id=CVE-2023-21241
12 Jul 2023 — In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. • https://android.googlesource.com/platform/system/nfc/+/907d17eeefec6f672ea824e126406e6d8f6b56d8 • CWE-190: Integer Overflow or Wraparound •