CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27952 – Apple Security Advisory 2023-03-27-3
https://notcve.org/view.php?id=CVE-2023-27952
28 Mar 2023 — An app may bypass Gatekeeper checks. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213670 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-28200 – Apple Security Advisory 2023-03-27-3
https://notcve.org/view.php?id=CVE-2023-28200
28 Mar 2023 — An app may be able to disclose kernel memory. macOS Ventura 13.3 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213670 • CWE-20: Improper Input Validation CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25662 – TensorFlow vulnerable to integer overflow in EditDistance
https://notcve.org/view.php?id=CVE-2023-25662
24 Mar 2023 — Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. • https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25667 – TensorFlow vulnerable to segfault when opening multiframe gif
https://notcve.org/view.php?id=CVE-2023-25667
24 Mar 2023 — Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. • https://github.com/tensorflow/tensorflow/commit/8dc723fcdd1a6127d6c970bd2ecb18b019a1a58d • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20532
https://notcve.org/view.php?id=CVE-2022-20532
24 Mar 2023 — In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21065
https://notcve.org/view.php?id=CVE-2023-21065
24 Mar 2023 — In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28708 – Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations
https://notcve.org/view.php?id=CVE-2023-28708
22 Mar 2023 — Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities. • https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-523: Unprotected Transport of Credentials •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 13CVE-2023-0386 – kernel: FUSE filesystem low-privileged user privileges escalation
https://notcve.org/view.php?id=CVE-2023-0386
22 Mar 2023 — Issues addressed include heap overflow and integer overflow vulnerabilities. • https://packetstorm.news/files/id/181886 • CWE-282: Improper Ownership Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28097 – OpenSIPS has vulnerability in the Content-Length Parser
https://notcve.org/view.php?id=CVE-2023-28097
15 Mar 2023 — OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large _Content-Length_ value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memory using the `-m` flag was allocated to OpenSIPS, such as 10 GB of RAM. On the test system, this issue occurred when shared memory was set to `2362` or higher. This issue is fixed in versions 3.1.9 and 3.2.6. • https://github.com/OpenSIPS/opensips/commit/7cab422e2fc648f910abba34f3f0dbb3ae171ff5 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-24871 – Windows Bluetooth Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24871
14 Mar 2023 — Windows Bluetooth Service Remote Code Execution Vulnerability • https://github.com/ynwarcs/CVE-2023-24871 • CWE-190: Integer Overflow or Wraparound •