CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48332 – Widevine Trustlet 5.x drm_save_keys Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48332
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48332_Buffer_Overflow_in_Widevine_drm_save_keys_0x6a18 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48334 – Widevine Trustlet 5.x drm_verify_keys Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48334
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48334_Buffer_Overflow_in_Widevine_drm_verify_keys_0x7370 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2023-34151 – Debian Security Advisory 5628-1
https://notcve.org/view.php?id=CVE-2023-34151
30 May 2023 — A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. • https://access.redhat.com/security/cve/CVE-2023-34151 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48331 – Widevine Trustlet 5.x drm_save_keys Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-48331
30 May 2023 — Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow. • https://cyberintel.es/cve/CVE-2022-48331_Buffer_Overflow_in_Widevine_drm_save_keys_0x69b0 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32307 – heap-over-flow and integer-overflow in sofia-sip
https://notcve.org/view.php?id=CVE-2023-32307
26 May 2023 — Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-si... • https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-rm4c-ccvf-ff9c • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48480
https://notcve.org/view.php?id=CVE-2022-48480
26 May 2023 — Integer overflow vulnerability in some phones. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 1CVE-2023-28319 – curl: use after free in SSH sha256 fingerprint check
https://notcve.org/view.php?id=CVE-2023-28319
26 May 2023 — Issues addressed include HTTP response splitting, bypass, integer overflow, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2023/Jul/47 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-23298
https://notcve.org/view.php?id=CVE-2023-23298
23 May 2023 — The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. • https://developer.garmin.com/connect-iq/api-docs/Toybox/Graphics/BufferedBitmap.html#initialize-instance_function • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2023-28709 – Apache Tomcat: Fix for CVE-2023-24998 is incomplete
https://notcve.org/view.php?id=CVE-2023-28709
22 May 2023 — Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities. • http://www.openwall.com/lists/oss-security/2023/05/22/1 • CWE-193: Off-by-one Error •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-28753
https://notcve.org/view.php?id=CVE-2023-28753
18 May 2023 — netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. • https://github.com/pingjuiliao/CVE-2023-28753 • CWE-787: Out-of-bounds Write •