CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22556 – Integer Overflow in Fuchsia Kernel
https://notcve.org/view.php?id=CVE-2021-22556
03 May 2022 — The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. • https://fuchsia-review.googlesource.com/c/fuchsia/+/570881 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 5%CPEs: 59EXPL: 5CVE-2022-1292 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-1292
03 May 2022 — Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://github.com/alcaparra/CVE-2022-1292 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.4EPSS: 0%CPEs: 28EXPL: 4CVE-2022-29824 – libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-29824
03 May 2022 — In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. • http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1475 – Gentoo Linux Security Advisory 202312-14
https://notcve.org/view.php?id=CVE-2022-1475
02 May 2022 — An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file. • https://bugzilla.redhat.com/show_bug.cgi?id=2076764 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 1CVE-2021-4206 – QEMU: QXL: integer overflow in cursor_alloc() can lead to heap buffer overflow
https://notcve.org/view.php?id=CVE-2021-4206
29 Apr 2022 — An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. ... Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities. • https://bugzilla.redhat.com/show_bug.cgi?id=2036998 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound •
CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 1CVE-2021-4207 – QEMU: QXL: double fetch in qxl_cursor() can lead to heap buffer overflow
https://notcve.org/view.php?id=CVE-2021-4207
29 Apr 2022 — Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities. • https://bugzilla.redhat.com/show_bug.cgi?id=2036966 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-28197
https://notcve.org/view.php?id=CVE-2022-28197
27 Apr 2022 — NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. • https://nvidia.custhelp.com/app/answers/detail/a_id/5343 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-28195
https://notcve.org/view.php?id=CVE-2022-28195
27 Apr 2022 — NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. • https://nvidia.custhelp.com/app/answers/detail/a_id/5343 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-28327 – golang: crypto/elliptic: panic caused by oversized scalar
https://notcve.org/view.php?id=CVE-2022-28327
20 Apr 2022 — La característica genérica P-256 en crypto/elliptic en Go versiones anteriores a 1.17.9 y versiones 1.18.x anteriores a 1.18.1, permite un pánico por medio de una entrada escalar larga An integer overflow flaw was found in Golang's crypto/elliptic library. • https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-21482 – Oracle MySQL Cluster Data Node Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-21482
19 Apr 2022 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. • https://security.netapp.com/advisory/ntap-20220429-0005 •