CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

11 Oct 2022 — In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code execution due to an integer overflow. • https://source.android.com/security/bulletin/2022-10-01 • CWE-190: Integer Overflow or Wraparound

CVSS: 7.8 • EPSS: 0% • CPEs: 5 • EXPL: 0

11 Oct 2022 — In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. • https://source.android.com/security/bulletin/2022-10-01 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

11 Oct 2022 — GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. • https://savannah.gnu.org/bugs/?63103 • CWE-190: Integer Overflow or Wraparound

CVSS: 7.8 • EPSS: 0% • CPEs: 20 • EXPL: 0

11 Oct 2022 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38044

CVSS: 10.0 • EPSS: 2% • CPEs: 1 • EXPL: 2

10 Oct 2022 — The Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in the `_ux_host_class_cdc_ecm_mac_address_get` function, which may potentially be exploited to achieve remote code execution or denial of service. Setting the MAC address string descriptor length to `0` or `1` allows an attacker to introduce an integer underflow (string_length) followed by a buffer overflow of the `cdc_ecm -> ux_host_class_cdc_ecm_node_id` array. • https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_cdc_ecm_mac_address_get.c#L264 • CWE-121: Stack-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) CWE-1284: Improper Validation of Specified Quantity in Input

CVSS: 6.5 • EPSS: 0% • CPEs: 34 • EXPL: 0

06 Oct 2022 — Each lease query response calls this function for several options, so the reference counters could eventually overflow and cause the server to abort. An integer overflow vulnerability was found in the DHCP server. • https://kb.isc.org/docs/cve-2022-2928 • CWE-190: Integer Overflow or Wraparound CWE-476: NULL Pointer Dereference

CVSS: 8.6 • EPSS: 0% • CPEs: 1 • EXPL: 0

27 Sep 2022 — Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. ... An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure. • http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch • CWE-126: Buffer Over-read CWE-190: Integer Overflow or Wraparound

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

23 Sep 2022 — An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file. • https://www.whatsapp.com/security/advisories/2022 • CWE-191: Integer Underflow (Wrap or Wraparound)

CVSS: 9.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

23 Sep 2022 — This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. • https://github.com/FFmpeg/FFmpeg/commit/c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound

CVSS: 10.0 • EPSS: 4% • CPEs: 2 • EXPL: 0

23 Sep 2022 — Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted `COUNT` argument may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. • https://github.com/redis/redis/security/advisories/GHSA-5gc4-76rx-22c9 • CWE-190: Integer Overflow or Wraparound