CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27292 – nodejs-ua-parser-js: ReDoS via malicious User-Agent header
https://notcve.org/view.php?id=CVE-2021-27292
17 Mar 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 40EXPL: 0CVE-2020-11305
https://notcve.org/view.php?id=CVE-2020-11305
17 Mar 2021 — Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music Un Desbordamiento de enteros en el arranque debido a una comprobación inapropiada de la longitud en los argumentos recibidos en los productos Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28092 – nodejs-is-svg: ReDoS via malicious string
https://notcve.org/view.php?id=CVE-2021-28092
12 Mar 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://github.com/sindresorhus/is-svg/releases • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-35230
https://notcve.org/view.php?id=CVE-2020-35230
10 Mar 2021 — Multiple integer overflow parameters were found in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices. Most of the integer parameters sent through the web server can be abused to cause a denial of service attack. • https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0458 – Google Android fts_driver_test_write Integer Overflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-0458
10 Mar 2021 — In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before reading from memory. • https://source.android.com/security/bulletin/pixel/2021-03-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-24025
https://notcve.org/view.php?id=CVE-2021-24025
10 Mar 2021 — Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger an integer overflow leading to a heap overflow. • https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1916
https://notcve.org/view.php?id=CVE-2020-1916
10 Mar 2021 — An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. • https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-0393
https://notcve.org/view.php?id=CVE-2021-0393
10 Mar 2021 — In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. • https://github.com/Trinadh465/external_v8_AOSP10_r33_CVE-2021-0393 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 29%CPEs: 1EXPL: 2CVE-2020-29238 – ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow
https://notcve.org/view.php?id=CVE-2020-29238
10 Mar 2021 — An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request. Un desbordamiento de búfer entero en el servidor web Nginx de ExpressVPN Router versión 1 permite a los atacantes remotos obtener informaciones sensibles cuando el servidor se ejecuta como proxy inverso a través de una solicitud especialmente diseñada ExpressVPN VPN Router version 1.0 suffers fr... • http://packetstormsecurity.com/files/162152/ExpressVPN-VPN-Router-1.0-Integer-Overflow.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20268 – Ubuntu Security Notice USN-4910-1
https://notcve.org/view.php?id=CVE-2021-20268
09 Mar 2021 — It was discovered that the BPF verifier in the Linux kernel did not properly handle signed add32 and sub integer overflows. • https://bugzilla.redhat.com/show_bug.cgi?id=1923816 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •