CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-33204 – sysstat: check_overflow() function can work incorrectly that lead to an overflow
https://notcve.org/view.php?id=CVE-2023-33204
18 May 2023 — sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. ... This security flaw happens because it allows a multiplication integer overflow in check_overflow in common.c. • https://github.com/sysstat/sysstat/pull/360 • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2512 – Buffer under-read in workerd
https://notcve.org/view.php?id=CVE-2023-2512
12 May 2023 — Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. ... Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. • https://github.com/cloudflare/workerd/releases/tag/v1.20230419.0 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32058 – Vyper vulnerable to integer overflow in loop
https://notcve.org/view.php?id=CVE-2023-32058
11 May 2023 — Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been... • https://github.com/vyperlang/vyper/commit/3de1415ee77a9244eb04bdb695e249d3ec9ed868 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.0EPSS: 0%CPEs: 20EXPL: 0CVE-2023-22443
https://notcve.org/view.php?id=CVE-2023-22443
10 May 2023 — Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-24949 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24949
09 May 2023 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when performing a bounds check before reading from memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24949 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-24948 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24948
09 May 2023 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24948 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2023-24945 – Windows iSCSI Target Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-24945
09 May 2023 — Windows iSCSI Target Service Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24945 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2023-31137 – MaraDNS Integer Underflow Vulnerability in DNS Packet Decompression
https://notcve.org/view.php?id=CVE-2023-31137
09 May 2023 — In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination. • https://github.com/samboy/MaraDNS/blob/08b21ea20d80cedcb74aa8f14979ec7c61846663/dns/Decompress.c#L886 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.4EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47489
https://notcve.org/view.php?id=CVE-2022-47489
09 May 2023 — In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2610 – Integer Overflow or Wraparound in vim/vim
https://notcve.org/view.php?id=CVE-2023-2610
09 May 2023 — Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. • https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a • CWE-190: Integer Overflow or Wraparound •