CVSS: 9.8EPSS: 3%CPEs: 20EXPL: 0CVE-2021-37706 – Potential integer underflow upon receiving STUN message in PJSIP
https://notcve.org/view.php?id=CVE-2021-37706
22 Dec 2021 — In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. • http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.2EPSS: 56%CPEs: 37EXPL: 0CVE-2021-44224 – Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
https://notcve.org/view.php?id=CVE-2021-44224
20 Dec 2021 — Issues addressed include code execution, integer overflow, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities. • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43083 – Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response
https://notcve.org/view.php?id=CVE-2021-43083
19 Dec 2021 — Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport. • http://www.openwall.com/lists/oss-security/2021/12/20/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-20607
https://notcve.org/view.php?id=CVE-2021-20607
17 Dec 2021 — Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker. • https://jvn.jp/vu/JVNVU93817405/index.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2021-0901
https://notcve.org/view.php?id=CVE-2021-0901
17 Dec 2021 — In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05664618. En apusys, se presenta una posible corrupción de memoria debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/December-2021 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2021-0677
https://notcve.org/view.php?id=CVE-2021-0677
17 Dec 2021 — In ccu driver, there is a possible out of bounds read due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/December-2021 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-1047
https://notcve.org/view.php?id=CVE-2021-1047
15 Dec 2021 — In valid_ipc_dram_addr of cm_access_control.c, there is a possible out of bounds read due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2021-12-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0968
https://notcve.org/view.php?id=CVE-2021-0968
15 Dec 2021 — In osi_malloc and osi_calloc of allocator.cc, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/2021-12-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2021-0919
https://notcve.org/view.php?id=CVE-2021-0919
15 Dec 2021 — In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. • https://source.android.com/security/bulletin/2021-11-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 6%CPEs: 8EXPL: 0CVE-2021-43875 – Microsoft Office Graphics Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43875
15 Dec 2021 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43875 •