
CVE-2021-38166 – Ubuntu Security Notice USN-5113-1
https://notcve.org/view.php?id=CVE-2021-38166
07 Aug 2021 — In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=c4eb1f403243fc7bbb7de644db8587c03de36da6 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVE-2021-38185 – cpio: integer overflow in ds_fgetstr() in dstring.c can lead to an out-of-bounds write via a crafted pattern file
https://notcve.org/view.php?id=CVE-2021-38185
07 Aug 2021 — GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. ... An integer overflow that triggers an out-of-bounds heap write can allow an attacker to execute arbitrary code via a crafted pattern file. • https://github.com/fangqyi/cpiopwn • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVE-2021-22922 – curl: Content not matching hash in Metalink is not being discarded
https://notcve.org/view.php?id=CVE-2021-22922
05 Aug 2021 — Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions CWE-840: Business Logic Errors •

CVE-2021-22923 – curl: Metalink download sends credentials
https://notcve.org/view.php?id=CVE-2021-22923
05 Aug 2021 — Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-319: Cleartext Transmission of Sensitive Information CWE-522: Insufficiently Protected Credentials •

CVE-2021-34270
https://notcve.org/view.php?id=CVE-2021-34270
03 Aug 2021 — An integer overflow in the mintToken function of a smart contract implementation for Doftcoin Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses. • https://github.com/MRdoulestar/SC-RCVD/blob/main/Vulnerabilities/Doftcoin.md • CWE-190: Integer Overflow or Wraparound •

CVE-2021-33403
https://notcve.org/view.php?id=CVE-2021-33403
03 Aug 2021 — An integer overflow in the transfer function of a smart contract implementation for Lancer Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses between two large accounts during a transaction. • https://cn.etherscan.com/address/0x63e634330a20150dbb61b15648bc73855d6ccf07#code • CWE-190: Integer Overflow or Wraparound •

CVE-2021-32804 – Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
https://notcve.org/view.php?id=CVE-2021-32804
03 Aug 2021 — Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://github.com/yamory/CVE-2021-32804 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2021-32803 – Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
https://notcve.org/view.php?id=CVE-2021-32803
03 Aug 2021 — Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2021-22423
https://notcve.org/view.php?id=CVE-2021-22423
03 Aug 2021 — Local attackers may exploit this vulnerability to cause integer overflow. • https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077 • CWE-787: Out-of-bounds Write •

CVE-2021-22418
https://notcve.org/view.php?id=CVE-2021-22418
03 Aug 2021 — A component of HarmonyOS has an Integer Overflow or Wraparound vulnerability. ... Local attackers can exploit this vulnerability to cause a memory overwrite. • https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077 • CWE-190: Integer Overflow or Wraparound •