Page 135 of 4113 results (0.399 seconds)

CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0

CVE-2022-40303 – libxml2: integer overflows with XML_PARSE_HUGE

https://notcve.org/view.php?id=CVE-2022-40303

When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. ... Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation. libxml2 suffers from an integer overflow vulnerability in xmlParseNameComplex. • http://seclists.org/fulldisclosure/2022/Dec/21 http://seclists.org/fulldisclosure/2022/Dec/24 http://seclists.org/fulldisclosure/2022/Dec/25 http://seclists.org/fulldisclosure/2022/Dec/26 http://seclists.org/fulldisclosure/2022/Dec/27 https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0 https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3 https://security.netapp.com/advisory/ntap-20221209-0003 https://support.apple.com/kb/HT213531 https:/ • CWE-190: Integer Overflow or Wraparound

CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 1

CVE-2022-32775

https://notcve.org/view.php?id=CVE-2022-32775

An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1564 • CWE-190: Integer Overflow or Wraparound

CVSS: 9.8EPSS: 3%CPEs: 15EXPL: 1

CVE-2022-37454 – XKCP: buffer overflow in the SHA-3 reference implementation

https://notcve.org/view.php?id=CVE-2022-37454

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. • https://csrc.nist.gov/projects/hash-functions/sha-3-project https://eprint.iacr.org/2023/331 https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658 https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org&# • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow

CVSS: 9.8EPSS: 0%CPEs: 546EXPL: 0

CVE-2022-25748

https://notcve.org/view.php?id=CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una corrupción de memoria en WLAN debido a un desbordamiento de enteros en el búfer mientras son analizados los marcos GTK. en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin • CWE-190: Integer Overflow or Wraparound

CVSS: 8.1EPSS: 2%CPEs: 1EXPL: 1

CVE-2022-39425 – Oracle VirtualBox VRDP Integer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2022-39425

The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. • https://github.com/bob11vrdp/CVE-2022-39425 https://security.gentoo.org/glsa/202212-03 https://www.oracle.com/security-alerts/cpuoct2022.html • CWE-306: Missing Authentication for Critical Function •