CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31005 – Integer Overflow in Vapor's HTTP Range Request
https://notcve.org/view.php?id=CVE-2022-31005
31 May 2022 — Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. • https://github.com/vapor/vapor/commit/953a349b539b3e0d3653585c8ffb50c427986df1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1926 – Integer Overflow or Wraparound in polonel/trudesk
https://notcve.org/view.php?id=CVE-2022-1926
31 May 2022 — Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. Un Desbordamiento de enteros o Wraparound en el repositorio de GitHub polonel/trudesk versiones anteriores a 1.2.3 • https://github.com/polonel/trudesk/commit/b7c15180b6d4e556ad05d0881eb72d8b2f1637a0 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 6EXPL: 0CVE-2022-30787 – Gentoo Linux Security Advisory 202301-01
https://notcve.org/view.php?id=CVE-2022-30787
26 May 2022 — An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. • http://www.openwall.com/lists/oss-security/2022/06/07/4 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29358
https://notcve.org/view.php?id=CVE-2022-29358
24 May 2022 — epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. • https://github.com/kevinboone/epub2txt2/issues/22 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29219 – Integer Overflow in Lodestar
https://notcve.org/view.php?id=CVE-2022-29219
24 May 2022 — Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted `AttesterSlashing` or `ProposerSlashing` being included on-chain. Because the developers represent `uint64` values as native javascript `number`s, there is an issue when those variables with large (greater than 2^53) `uint64` values are included on chain. In those cases, Lodestar may view valid_`AttesterSlashing` or `ProposerSlashing` as inva... • https://github.com/ChainSafe/lodestar/pull/3977 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25121 – Rating by BestWebSoft < 1.6 - Rating Denial of Service
https://notcve.org/view.php?id=CVE-2021-25121
24 May 2022 — The Rating by BestWebSoft WordPress plugin before 1.6 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating El plugin Rating by BestWebSoft WordPress anterior a la versión 1.6 no valida la valoración enviada, permitiendo el envío de enteros largos, lo que provoca una denegación de servicio en la entrada/página cuando un usuario envía dicha valoración The Rating by BestWebSoft WordPress plugin through 1.... • https://wpscan.com/vulnerability/efb1ddef-2123-416c-a932-856d41ed836d • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31264
https://notcve.org/view.php?id=CVE-2022-31264
21 May 2022 — Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. • https://github.com/Ainevsia/CVE-Request/tree/main/Solana/1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2022-29203 – Integer overflow in `SpaceToBatchND` in TensorFlow
https://notcve.org/view.php?id=CVE-2022-29203
20 May 2022 — Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2022-29204 – Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`
https://notcve.org/view.php?id=CVE-2022-29204
20 May 2022 — TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as... • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14 • CWE-20: Improper Input Validation CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1754 – Integer Overflow or Wraparound in polonel/trudesk
https://notcve.org/view.php?id=CVE-2022-1754
20 May 2022 — Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. Un Desbordamiento de Enteros o Wraparound en el repositorio de GitHub polonel/trudesk versiones anteriores a 1.2.2 • https://github.com/polonel/trudesk/commit/e836d04d16787c2c9c72e7bf011cf396d1f73c19 • CWE-190: Integer Overflow or Wraparound •