CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2023-30774 – libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value
https://notcve.org/view.php?id=CVE-2023-30774
09 May 2023 — Issues addressed include buffer overflow, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30775 – libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-30775
09 May 2023 — Issues addressed include buffer overflow, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • https://access.redhat.com/security/cve/CVE-2023-30775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46720
https://notcve.org/view.php?id=CVE-2022-46720
08 May 2023 — An integer overflow was addressed with improved input validation. • https://support.apple.com/en-us/HT213530 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32143 – D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32143
04 May 2023 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. The issue results from the lack of pro... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324 • CWE-197: Numeric Truncation Error •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24821 – RIOT-OS vulnerable to Integer Underflow during defragmentation
https://notcve.org/view.php?id=CVE-2023-24821
24 Apr 2023 — RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create a hard fault exception after reaching the last page of RAM. The hard fault is not handled and the system will be stuck until reset, thus the impact is denial of service. Version 2022.10 fixes this issue. • https://github.com/RIOT-OS/RIOT/pull/18817/commits/9728f727e75d7d78dbfb5918e0de1b938b7b6d2c • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24820 – RIOT-OS vulnerable to Integer Underflow during IPHC receive
https://notcve.org/view.php?id=CVE-2023-24820
24 Apr 2023 — RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create a hard fault exception after reaching the last page of RAM. The hard fault is not handled and the system will be stuck until reset. Thus the impact is denial of service. • https://github.com/RIOT-OS/RIOT/pull/18817/commits/2709fbd827b688fe62df2c77c316914f4a3a6d4a • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1900 – Avira Free Antivirus Integer Overflow Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-1900
19 Apr 2023 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-2136
19 Apr 2023 — Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. ... Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0878
https://notcve.org/view.php?id=CVE-2021-0878
19 Apr 2023 — In PVRSRVBridgeServerSyncGetStatus of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. • https://source.android.com/security/bulletin/2023-04-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0879
https://notcve.org/view.php?id=CVE-2021-0879
19 Apr 2023 — In PVRSRVBridgeRGXTDMSubmitTransfer of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. • https://source.android.com/security/bulletin/2023-04-01 • CWE-190: Integer Overflow or Wraparound •