CVE-2024-37310 – EVerest has an integer overflow in the "v2g_incoming_v2gtp" function
https://notcve.org/view.php?id=CVE-2024-37310
An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. • https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e https://github.com/EVerest/everest-core/releases/tag/2024.3.1 https://github.com/EVerest/everest-core/releases/tag/2024.6.0 https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVE-2024-23695
https://notcve.org/view.php?id=CVE-2024-23695
In CacheOpPMRExec of cache_km.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/2024-06-01 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-34139 – Adobe Bridge has an integer overflow vulnerability when parsing SVG file
https://notcve.org/view.php?id=CVE-2024-34139
Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. ... Las versiones de Bridge 14.0.4, 13.0.7, 14.1 y anteriores se ven afectadas por una vulnerabilidad de desbordamiento de enteros o Wraparound que podría resultar en la ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/bridge/apsb24-51.html • CWE-190: Integer Overflow or Wraparound •
CVE-2024-39684 – Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow
https://notcve.org/view.php?id=CVE-2024-39684
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-38517 – Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow
https://notcve.org/view.php?id=CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer underflow vulnerability (when the file is parsed), leading to elevation of privilege. • https://github.com/Tencent/rapidjson/pull/1261/commits/8269bc2bc289e9d343bae51cdf6d23ef0950e001 https://github.com/fmalita/rapidjson/commit/8269bc2bc289e9d343bae51cdf6d23ef0950e001 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38517 • CWE-191: Integer Underflow (Wrap or Wraparound) •