CVSS: 9.0EPSS: 1%CPEs: 7EXPL: 1CVE-2022-42898 – krb5: integer overflow vulnerabilities in PAC parsing
https://notcve.org/view.php?id=CVE-2022-42898
21 Nov 2022 — PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. • https://bugzilla.samba.org/show_bug.cgi?id=15203 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42533
https://notcve.org/view.php?id=CVE-2022-42533
17 Nov 2022 — In shared_metadata_init of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2022-11-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 1CVE-2022-3970 – LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
https://notcve.org/view.php?id=CVE-2022-3970
13 Nov 2022 — The manipulation leads to integer overflow. ... An integer overflow flaw was found in LibTIFF. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 • CWE-189: Numeric Errors CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2022-31630 – OOB read due to insufficient input validation in imageloadfont()
https://notcve.org/view.php?id=CVE-2022-31630
09 Nov 2022 — In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information. En versiones de PHP anteriores a 7.4.33, 8.0.25 y 8.2.12, cuando se usa la función imageloadfont() en la extensión gd, es posible proporcionar un archivo de fuente especialm... • https://bugs.php.net/bug.php?id=81739 • CWE-125: Out-of-bounds Read CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-41092 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41092
09 Nov 2022 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41092 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-39377 – sysstat Incorrect Buffer Size calculation on 32-bit systems results in RCE via buffer overflow
https://notcve.org/view.php?id=CVE-2022-39377
08 Nov 2022 — An arithmetic overflow issue was discovered in Sysstat on 32-bit systems. • https://github.com/sysstat/sysstat/security/advisories/GHSA-q8r6-g56f-9w7x • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-39343 – Azure RTOS FileX vulnerable to Buffer Offerflow
https://notcve.org/view.php?id=CVE-2022-39343
08 Nov 2022 — In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. • https://github.com/azure-rtos/filex/blob/master/common/src/fx_fault_tolerant_apply_logs.c#L218 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20454
https://notcve.org/view.php?id=CVE-2022-20454
08 Nov 2022 — In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/2022-11-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 3CVE-2022-44638 – pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-44638
03 Nov 2022 — In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. ... This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. • http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 1CVE-2022-40303 – libxml2: integer overflows with XML_PARSE_HUGE
https://notcve.org/view.php?id=CVE-2022-40303
01 Nov 2022 — When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. ... Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. ... Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://packetstorm.news/files/id/169825 • CWE-190: Integer Overflow or Wraparound •