CVE-2022-37301
https://notcve.org/view.php?id=CVE-2022-37301
A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.22 and prior), Legacy Modicon Quantum/Premium (All Versions), Modicon Momentum MDI (171CBU*) (All Versions), Modicon MC80 (BMKC80) (V1.7 and prior). • https://www.se.com/us/en/download/document/SEVD-2022-221-02 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2022-42898 – krb5: integer overflow vulnerabilities in PAC parsing
https://notcve.org/view.php?id=CVE-2022-42898
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. • https://bugzilla.samba.org/show_bug.cgi?id=15203 https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583 https://security.gentoo.org/glsa/202309-06 https://security.gentoo.org/glsa/202310-06 https://security.netapp.com/advisory/ntap-20230216-0008 https://security.netapp.com/advisory/ntap-20230223-0001 https://web.mit.edu/kerberos/advisories https://web.mit.edu/kerberos/krb5-1.19 https://web& • CWE-190: Integer Overflow or Wraparound •
CVE-2022-42533
https://notcve.org/view.php?id=CVE-2022-42533
In shared_metadata_init of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2022-11-01 • CWE-190: Integer Overflow or Wraparound •
CVE-2022-3970 – LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
https://notcve.org/view.php?id=CVE-2022-3970
The manipulation leads to integer overflow. ... An integer overflow flaw was found in LibTIFF. This issue exists in the TIFFReadRGBATileExt function of the libtiff/tif_getimage.c file, and may lead to a buffer overflow. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://oss-fuzz.com/download?testcase_id=5738253143900160 https://security.netapp.com/advisory/ntap-20221215-0009 https://support.apple.com/kb/HT213841 https://support.apple.com/kb/HT213843 https://vuldb.com/?id.213549 https://access.redhat.com/security/cve/CVE-2022-3970 https • CWE-189: Numeric Errors CWE-680: Integer Overflow to Buffer Overflow •
CVE-2022-31630 – OOB read due to insufficient input validation in imageloadfont()
https://notcve.org/view.php?id=CVE-2022-31630
An out-of-bounds read flaw was found in PHP due to insufficient input validation in the imageloadfont() function. This flaw allows a remote attacker to pass specially crafted data to the web application, trigger an out-of-bounds read error, and read the contents of memory on the system. • https://bugs.php.net/bug.php?id=81739 https://access.redhat.com/security/cve/CVE-2022-31630 https://bugzilla.redhat.com/show_bug.cgi?id=2139280 • CWE-125: Out-of-bounds Read CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound •