CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-32434 – Apple Multiple Products Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-32434
23 Jun 2023 — An integer overflow was addressed with improved input validation. ... Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. iOS 15.7.7 and iPadOS 15.7.7 addresses code execution and integer overflow vulnerabilities. Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges. • http://seclists.org/fulldisclosure/2023/Oct/20 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-20335
https://notcve.org/view.php?id=CVE-2020-20335
20 Jun 2023 — Buffer Overflow vulnerability in Antirez Kilo before commit 7709a04ae8520c5b04d261616098cebf742f5a23 allows a remote attacker to cause a denial of service via the editorUpdateRow function in kilo.c. • https://github.com/antirez/kilo/issues/60 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35827 – Ubuntu Security Notice USN-6626-2
https://notcve.org/view.php?id=CVE-2023-35827
18 Jun 2023 — Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. • https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28295 – Microsoft Publisher Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28295
17 Jun 2023 — Microsoft Publisher Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28295 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-29349 – Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29349
16 Jun 2023 — Microsoft ODBC and OLE DB Remote Code Execution Vulnerability Vulnerabilidad de ejecución de código remota en Microsoft ODBC y OLE DB • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35790
https://notcve.org/view.php?id=CVE-2023-35790
16 Jun 2023 — An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop. • https://github.com/libjxl/libjxl/pull/2551 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34455 – snappy-java's unchecked chunk length leads to DoS
https://notcve.org/view.php?id=CVE-2023-34455
15 Jun 2023 — Issues addressed include code execution, denial of service, deserialization, and integer overflow vulnerabilities. • https://github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/SnappyInputStream.java#L388 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34454 – snappy-java's Integer Overflow vulnerability in compress leads to DoS
https://notcve.org/view.php?id=CVE-2023-34454
15 Jun 2023 — Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. ... Since the length is not tested, the multiplication by two can cause an integer overflow and become negative. ... Since the maxCompressedLength function treats the length as an unsigned integer, it doesn’t care that it is negative, and it returns a valid value, which is casted to a signed integer by the Java engine. ... Issues addre... • https://github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/Snappy.java#L169 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34453 – snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
https://notcve.org/view.php?id=CVE-2023-34453
15 Jun 2023 — Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. ... Since the length is not tested, the multiplication by four can cause an integer overflow and become a smaller value than the true size, or even zero or negative. ... Issues addressed include code execution, denial of service, deserialization, and integer overflow vulnerabilities. • https://github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/BitShuffle.java#L107 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0701
https://notcve.org/view.php?id=CVE-2021-0701
15 Jun 2023 — In PVRSRVBridgeSyncPrimOpCreate of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. • https://source.android.com/security/bulletin/2023-06-01 • CWE-190: Integer Overflow or Wraparound •