CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-41325
https://notcve.org/view.php?id=CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions. • https://twitter.com/0xMitsurugi https://www.debian.org/security/2022/dsa-5297 https://www.synacktiv.com/sites/default/files/2022-11/vlc_vnc_int_overflow-CVE-2022-41325.pdf https://www.videolan.org/security/sb-vlc3018.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-42765
https://notcve.org/view.php?id=CVE-2022-42765
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. En el controlador de WLAN, existe una posible comprobación de los límites faltantes, lo que podría provocar una Denegación de Servicio (DoS) local en los servicios de WLAN. • https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-4202 – GPAC lsr_dec.c lsr_translate_coords integer overflow
https://notcve.org/view.php?id=CVE-2022-4202
The manipulation leads to integer overflow. • https://drive.google.com/file/d/1HVWa6IpAbvsMS5rx091RfjUB4GfXrMLE/view https://github.com/gpac/gpac/commit/b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908 https://github.com/gpac/gpac/issues/2333 https://vuldb.com/?id.214518 https://www.debian.org/security/2023/dsa-5411 • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-4172 – QEMU: ACPI ERST: memory corruption issues in read_erst_record and write_erst_record
https://notcve.org/view.php?id=CVE-2022-4172
An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. ... An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. • https://gitlab.com/qemu-project/qemu/-/commit/defb7098 https://gitlab.com/qemu-project/qemu/-/issues/1268 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O https://lore.kernel.org/qemu-devel/20221024154233.1043347-1-lk%40c--e.de https://security.netapp.com/advisory/ntap-20230127-0013 https://access.redhat.com/security/cve/CVE-2022-4172 https://bugzilla.redhat.com/show_bug.cgi?id=2149105 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-45934 – kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c
https://notcve.org/view.php?id=CVE-2022-45934
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. ... An integer overflow flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user generates malicious L2CAP_CONF_REQ packets. • https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDAKCGDW6CQ6G3RZWYZJO454R3L5CTQB https://security.netapp.com/advisory/ntap-20230113-0008 https://www.debian.org/security/2023/dsa-5324 https://access.redhat.co • CWE-190: Integer Overflow or Wraparound •