CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2566 – Heap-memory write in FFMPEG
https://notcve.org/view.php?id=CVE-2022-2566
This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. • https://github.com/FFmpeg/FFmpeg/commit/c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2022-35951 – Redis subject to Integer Overflow leading to Remote Code Execution via Heap Overflow
https://notcve.org/view.php?id=CVE-2022-35951
Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted `COUNT` argument may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. • https://github.com/redis/redis/security/advisories/GHSA-5gc4-76rx-22c9 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7INCOOFPPEAKNDBZU3TIZJPYXBULI2C https://security.gentoo.org/glsa/202209-17 https://security.netapp.com/advisory/ntap-20221020-0005 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-36934
https://notcve.org/view.php?id=CVE-2022-36934
An integer overflow in WhatsApp could result in remote code execution in an established video call. • https://www.whatsapp.com/security/advisories/2022 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2022-23085 – Potential jail escape vulnerabilities in netmap
https://notcve.org/view.php?id=CVE-2022-23085
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. • https://security.freebsd.org/advisories/FreeBSD-SA-22:04.netmap.asc https://security.netapp.com/advisory/ntap-20240322-0004 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-36015 – Integer overflow in math ops in TensorFlow
https://notcve.org/view.php?id=CVE-2022-36015
TensorFlow is an open source platform for machine learning. When `RangeSize` receives values that do not fit into an `int64_t`, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/math_ops.cc https://github.com/tensorflow/tensorflow/commit/37e64539cd29fcfb814c4451152a60f5d107b0f0 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rh87-q4vg-m45j • CWE-190: Integer Overflow or Wraparound •