CVE-2024-40994 – ptp: fix integer overflow in max_vclocks_store
https://notcve.org/view.php?id=CVE-2024-40994
In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. • https://git.kernel.org/stable/c/44c494c8e30e35713c7d11ca3c5ab332cbfabacf https://git.kernel.org/stable/c/4b03da87d0b7074c93d9662c6e1a8939f9b8b86e https://git.kernel.org/stable/c/d50d62d5e6ee6aa03c00bddb91745d0b632d3b0f https://git.kernel.org/stable/c/666e934d749e50a37f3796caaf843a605f115b6f https://git.kernel.org/stable/c/e1fccfb4638ee6188377867f6015d0ce35764a8e https://git.kernel.org/stable/c/81d23d2a24012e448f651e007fac2cfd20a45ce0 •
CVE-2024-37310 – EVerest has an integer overflow in the "v2g_incoming_v2gtp" function
https://notcve.org/view.php?id=CVE-2024-37310
An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. • https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e https://github.com/EVerest/everest-core/releases/tag/2024.3.1 https://github.com/EVerest/everest-core/releases/tag/2024.6.0 https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVE-2024-23695
https://notcve.org/view.php?id=CVE-2024-23695
In CacheOpPMRExec of cache_km.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/2024-06-01 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-34139 – Adobe Bridge has an integer overflow vulnerability when parsing SVG file
https://notcve.org/view.php?id=CVE-2024-34139
Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. ... Las versiones de Bridge 14.0.4, 13.0.7, 14.1 y anteriores se ven afectadas por una vulnerabilidad de desbordamiento de enteros o Wraparound que podría resultar en la ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/bridge/apsb24-51.html • CWE-190: Integer Overflow or Wraparound •
CVE-2024-39684 – Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow
https://notcve.org/view.php?id=CVE-2024-39684
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684 • CWE-190: Integer Overflow or Wraparound •