CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 2CVE-2022-3515 – GnuPG libksba CRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-3515
17 Oct 2022 — A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. ... Issues addressed include bypass, code execution, integer overflow, memory leak, and use-after-free vulnerabilities. • https://access.redhat.com/security/cve/CVE-2022-3515 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3165 – QEMU: VNC: integer underflow in vnc_client_cut_text_ext leads to CPU exhaustion
https://notcve.org/view.php?id=CVE-2022-3165
17 Oct 2022 — An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. ... Un cliente malicioso podría usar este fallo para hacer que QEMU no responda mediante el envío de un mensaje de carga útil especialmente diseñado, resultando en una denegación de servicio An integer underflow issue was found in the QEMU built-in VNC server while processing ClientCutText messages in the extended format. • https://gitlab.com/qemu-project/qemu/-/commit/d307040b18 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-39105
https://notcve.org/view.php?id=CVE-2022-39105
14 Oct 2022 — In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. En sensor driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una denegación de servicio local en el kernel • https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39293 – Azure RTOS USBX Host PIMA vulnerable to read integer underflow with buffer overflow
https://notcve.org/view.php?id=CVE-2022-39293
13 Oct 2022 — Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in [_ux_host_class_pima_read](https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_pima_read.c), there is data length from device response, returned in the very first packet, and read by [L165 code](https://github.com/azure-rtos/usbx/blob/082fd9db09a3669eca3358f10b8837a5c1635c0b/common/usbx_host_classes/src/ux_host_cla... • https://github.com/azure-rtos/usbx/releases/tag/v6.1.12_rel • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.9EPSS: 0%CPEs: 134EXPL: 0CVE-2022-22078
https://notcve.org/view.php?id=CVE-2022-22078
12 Oct 2022 — Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Una denegación de servicio en BOOT cuando es solicitado el tamaño de una partición particular debido a un desbordamiento de enteros cuando son calculados los bloques en Snapdragon Auto, Snapdragon Compute... • https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20423
https://notcve.org/view.php?id=CVE-2022-20423
11 Oct 2022 — In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/2022-10-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-35289
https://notcve.org/view.php?id=CVE-2022-35289
11 Oct 2022 — A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. • https://github.com/facebook/hermes/commit/5b6255ae049fa4641791e47fad994e8e8c4da374 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0951
https://notcve.org/view.php?id=CVE-2021-0951
11 Oct 2022 — In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code execution due to an integer overflow. • https://source.android.com/security/bulletin/2022-10-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20410
https://notcve.org/view.php?id=CVE-2022-20410
11 Oct 2022 — In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. • https://source.android.com/security/bulletin/2022-10-01 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41550
https://notcve.org/view.php?id=CVE-2022-41550
11 Oct 2022 — GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. • https://savannah.gnu.org/bugs/?63103 • CWE-190: Integer Overflow or Wraparound •