CVE-2023-28319 – curl: use after free in SSH sha256 fingerprint check
https://notcve.org/view.php?id=CVE-2023-28319
26 May 2023 — Issues addressed include HTTP response splitting, bypass, integer overflow, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2023/Jul/47 • CWE-416: Use After Free •
CVE-2023-23298
https://notcve.org/view.php?id=CVE-2023-23298
23 May 2023 — The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. • https://developer.garmin.com/connect-iq/api-docs/Toybox/Graphics/BufferedBitmap.html#initialize-instance_function • CWE-190: Integer Overflow or Wraparound •
CVE-2023-28709 – Apache Tomcat: Fix for CVE-2023-24998 is incomplete
https://notcve.org/view.php?id=CVE-2023-28709
22 May 2023 — Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities. • http://www.openwall.com/lists/oss-security/2023/05/22/1 • CWE-193: Off-by-one Error •
CVE-2023-28753
https://notcve.org/view.php?id=CVE-2023-28753
18 May 2023 — netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. • https://github.com/pingjuiliao/CVE-2023-28753 • CWE-787: Out-of-bounds Write •
CVE-2023-33204 – sysstat: check_overflow() function can work incorrectly that lead to an overflow
https://notcve.org/view.php?id=CVE-2023-33204
18 May 2023 — sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. ... This security flaw happens because it allows a multiplication integer overflow in check_overflow in common.c. • https://github.com/sysstat/sysstat/pull/360 • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVE-2023-2512 – Buffer under-read in workerd
https://notcve.org/view.php?id=CVE-2023-2512
12 May 2023 — Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. • https://github.com/cloudflare/workerd/releases/tag/v1.20230419.0 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVE-2023-32058 – Vyper vulnerable to integer overflow in loop
https://notcve.org/view.php?id=CVE-2023-32058
11 May 2023 — Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been... • https://github.com/vyperlang/vyper/commit/3de1415ee77a9244eb04bdb695e249d3ec9ed868 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-22443
https://notcve.org/view.php?id=CVE-2023-22443
10 May 2023 — Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVE-2023-24949 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24949
09 May 2023 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when performing a bounds check before reading from memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24949 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-24948 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24948
09 May 2023 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24948 • CWE-122: Heap-based Buffer Overflow •