CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24817 – RIOT-OS vulnerable to Out of Bounds write in routing with SRH
https://notcve.org/view.php?id=CVE-2023-24817
30 May 2023 — Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer. • https://github.com/RIOT-OS/RIOT/commit/34dc1757f5621be48e226cfebb2f4c63505b5360 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48333 – Widevine Trustlet 5.x drm_verify_keys Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48333
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48333_Buffer_Overflow_in_Widevine_drm_verify_keys_0x730c • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48336 – Widevine Trustlet 5.x / 6.x / 7.x PRDiagParseAndStoreData Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48336
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48336_Buffer_Overflow_in_Widevine_PRDiagParseAndStoreData_0x5cc8 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48335 – Widevine Trustlet 5.x / 6.x / 7.x PRDiagVerifyProvisioning Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48335
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48335_Buffer_Overflow_in_Widevine_PRDiagVerifyProvisioning_0x5f90 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48332 – Widevine Trustlet 5.x drm_save_keys Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48332
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48332_Buffer_Overflow_in_Widevine_drm_save_keys_0x6a18 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48334 – Widevine Trustlet 5.x drm_verify_keys Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48334
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48334_Buffer_Overflow_in_Widevine_drm_verify_keys_0x7370 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2023-34151 – Debian Security Advisory 5628-1
https://notcve.org/view.php?id=CVE-2023-34151
30 May 2023 — A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. • https://access.redhat.com/security/cve/CVE-2023-34151 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48331 – Widevine Trustlet 5.x drm_save_keys Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48331
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48331_Buffer_Overflow_in_Widevine_drm_save_keys_0x69b0 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32307 – heap-over-flow and integer-overflow in sofia-sip
https://notcve.org/view.php?id=CVE-2023-32307
26 May 2023 — Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-si... • https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-rm4c-ccvf-ff9c • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48480
https://notcve.org/view.php?id=CVE-2022-48480
26 May 2023 — Integer overflow vulnerability in some phones. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-190: Integer Overflow or Wraparound •