CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20653
https://notcve.org/view.php?id=CVE-2025-20653
03 Mar 2025 — In da, there is a possible out of bounds read due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/March-2025 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2173 – libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointer
https://notcve.org/view.php?id=CVE-2025-2173
28 Feb 2025 — Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c. Fixed integer overflow in _vbi_strndup_iconv. Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c. Fixed integer overflow in function vbi_search_new in src/search.c. • https://github.com/zapping-vbi/zvbi/commit/8def647eea27f7fd7ad33ff79c2d6d3e39948dce • CWE-824: Access of Uninitialized Pointer CWE-908: Use of Uninitialized Resource •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2174 – libzvbi conv.c vbi_strndup_iconv_ucs2 integer overflow
https://notcve.org/view.php?id=CVE-2025-2174
28 Feb 2025 — The manipulation of the argument src_length leads to integer overflow. ... Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c. Fixed integer overflow in _vbi_strndup_iconv. Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c. Fixed integer overflow in function vbi_search_new in src/search.c. • https://github.com/zapping-vbi/zvbi/commit/ca1672134b3e2962cd392212c73f44f8f4cb489f • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2175 – libzvbi _vbi_strndup_iconv integer overflow
https://notcve.org/view.php?id=CVE-2025-2175
28 Feb 2025 — The manipulation leads to integer overflow. ... Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c. Fixed integer overflow in _vbi_strndup_iconv. Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c. Fixed integer overflow in function vbi_search_new in src/search.c. • https://github.com/zapping-vbi/zvbi/releases/tag/v0.2.44 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2176 – libzvbi io-sim.c vbi_capture_sim_load_caption integer overflow
https://notcve.org/view.php?id=CVE-2025-2176
28 Feb 2025 — The manipulation leads to integer overflow. ... Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c. Fixed integer overflow in _vbi_strndup_iconv. Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c. Fixed integer overflow in function vbi_search_new in src/search.c. • https://github.com/zapping-vbi/zvbi/commit/ca1672134b3e2962cd392212c73f44f8f4cb489f • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2177 – libzvbi search.c vbi_search_new integer overflow
https://notcve.org/view.php?id=CVE-2025-2177
28 Feb 2025 — The manipulation of the argument pat_len leads to integer overflow. ... Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c. Fixed integer overflow in _vbi_strndup_iconv. Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c. Fixed integer overflow in function vbi_search_new in src/search.c. • https://github.com/zapping-vbi/zvbi/commit/ca1672134b3e2962cd392212c73f44f8f4cb489f • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52559 – drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()
https://notcve.org/view.php?id=CVE-2024-52559
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() The "submit->cmd[i].size" and "submit->cmd[i].offset" variables are u32 values that come from the user via the submit_lookup_cmds() function. This addition could lead to an integer wrapping bug so use size_add() to prevent that. This addition could lead to an integer wrapping bug so use size_add() to prevent that. Patchwork: https://patchwork.freedes... • https://git.kernel.org/stable/c/198725337ef1f73b73e7dc953c6ffb0799f26ffe •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52557 – drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get()
https://notcve.org/view.php?id=CVE-2024-52557
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get() This patch fixes a potential integer overflow in the zynqmp_dp_rate_get() The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit Now the constant is a compatible 64-bit type. Resolves coverity issues: CID 1636340 and CID 1635811 In the Linux kernel, the following vulnerability has been reso... • https://git.kernel.org/stable/c/28edaacb821c69241f6c0be6bbd29f7145f1b44f •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-58017 – printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
https://notcve.org/view.php?id=CVE-2024-58017
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefine... • https://git.kernel.org/stable/c/54c14022fa2ba427dc543455c2cf9225903a7174 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-58010 – binfmt_flat: Fix integer overflow bug on 32 bit systems
https://notcve.org/view.php?id=CVE-2024-58010
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix integer overflow bug on 32 bit systems Most of these sizes and counts are capped at 256MB so the math doesn't result in an integer overflow. ... Otherwise on 32bit systems the calculation of "full_data" could be wrong. full_data = data_len + relocs * sizeof(unsigned long); In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix integer overflow bug on 32... • https://git.kernel.org/stable/c/c995ee28d29d6f256c3a8a6c4e66469554374f25 •