CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47028
https://notcve.org/view.php?id=CVE-2024-47028
25 Oct 2024 — In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47024
https://notcve.org/view.php?id=CVE-2024-47024
25 Oct 2024 — In vring_size of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 38EXPL: 0CVE-2024-20474
https://notcve.org/view.php?id=CVE-2024-20474
23 Oct 2024 — This vulnerability is due to an integer underflow condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-46483
https://notcve.org/view.php?id=CVE-2024-46483
22 Oct 2024 — Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content. • https://github.com/kn32/cve-2024-46483 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42643
https://notcve.org/view.php?id=CVE-2024-42643
22 Oct 2024 — Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access. • https://github.com/pymumu/smartdns/issues/1779 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48947 – Bluetooth: L2CAP: Fix u8 overflow
https://notcve.org/view.php?id=CVE-2022-48947
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this by adding a boundary check with L2CAP_MAX_CONF_RSP Btmon log: Bluetooth monitor ver 5.64 = Note: Linux version 6.1.0-rc2 (x86_64) 0.264594 = Note: Bluetooth subsystem version 2.22 0.264636 @ MGMT Open: btmon (privileged) version 1.22 ... • https://git.kernel.org/stable/c/49d5867819ab7c744852b45509e8469839c07e0e • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-49994 – block: fix integer overflow in BLKSECDISCARD
https://notcve.org/view.php?id=CVE-2024-49994
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. • https://git.kernel.org/stable/c/8476f8428e8b48fd7a0e4258fa2a96a8f4468239 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49888 – bpf: Fix a sdiv overflow issue
https://notcve.org/view.php?id=CVE-2024-49888
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error: Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI The failure is due to the below signed divide: LLONG_MIN/-1 where LLONG_MIN equals to -9,223,372,036,854,775,808. LLONG_MIN/-1 is supposed to give a positive number 9,223,372,036,854,775,808, but it is impossible since for 64-bit system, the maximum positive num... • https://git.kernel.org/stable/c/ec0e2da95f72d4a46050a4d994e4fe471474fd80 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47739 – padata: use integer wrap around to prevent deadlock on seq_nr overflow
https://notcve.org/view.php?id=CVE-2024-47739
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do_serial, the current sorting implementation incorrectly sorts padata objects with overflowed seq_nr, causing them to be placed before existing objects in the reorder list. In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent dead... • https://git.kernel.org/stable/c/bfde23ce200e6d33291d29b9b8b60cc2f30f0805 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43566 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43566
17 Oct 2024 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43566 • CWE-190: Integer Overflow or Wraparound •