
CVE-2022-34484 – Mozilla: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11
https://notcve.org/view.php?id=CVE-2022-34484
28 Jun 2022 — Issues addressed include bypass, integer overflow, and use-after-free vulnerabilities. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-416: Use After Free •

CVE-2022-32207 – curl: Unpreserved file permissions
https://notcve.org/view.php?id=CVE-2022-32207
28 Jun 2022 — Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-276: Incorrect Default Permissions CWE-281: Improper Preservation of Permissions CWE-840: Business Logic Errors •

CVE-2022-33068 – harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc
https://notcve.org/view.php?id=CVE-2022-33068
22 Jun 2022 — An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. ... An integer overflow in the hb-ot-shape-fallback.cc component allows attackers to cause a denial of service (DoS) via unspecified vectors. • https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593 • CWE-190: Integer Overflow or Wraparound •

CVE-2022-2068 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-2068
21 Jun 2022 — Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://packetstorm.news/files/id/182466 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2022-28733 – Integer underflow in grub_net_recv_ip4_packets
https://notcve.org/view.php?id=CVE-2022-28733
20 Jun 2022 — Integer underflow in grub_net_recv_ip4_packets: a maliciously crafted IP packet can lead to an integer underflow in the grub_net_recv_ip4_packets() function on the rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. ... This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVE-2022-32545 – Ubuntu Security Notice USN-6200-1
https://notcve.org/view.php?id=CVE-2022-32545
16 Jun 2022 — A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. ... • https://bugzilla.redhat.com/show_bug.cgi?id=2091811 • CWE-190: Integer Overflow or Wraparound •

CVE-2022-32546 – Gentoo Linux Security Advisory 202405-02
https://notcve.org/view.php?id=CVE-2022-32546
16 Jun 2022 — A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. ... • https://bugzilla.redhat.com/show_bug.cgi?id=2091812 • CWE-190: Integer Overflow or Wraparound •

CVE-2022-20178
https://notcve.org/view.php?id=CVE-2022-20178
15 Jun 2022 — In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2022-06-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVE-2022-25651
https://notcve.org/view.php?id=CVE-2022-25651
14 Jun 2022 — Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music. • https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin • CWE-190: Integer Overflow or Wraparound •

CVE-2021-40589
https://notcve.org/view.php?id=CVE-2021-40589
08 Jun 2022 — ZAngband zangband-data 2.7.5 is affected by an integer underflow vulnerability in src/tk/plat.c through the variable fileheader.bfOffBits. • https://sourceforge.net/p/zangband/bugs/671 • CWE-191: Integer Underflow (Wrap or Wraparound) •