CVSS: 5.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45775 – Grub2: commands/extcmd: missing check for failed allocation
https://notcve.org/view.php?id=CVE-2024-45775
18 Feb 2025 — Fixed an integer overflow in gettext. ... Fixed an integer overflow that may lead to an out-of-bounds write through the read command. ... Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in ufs. ... Fixed an integer overflow that may lead to an out-of-bounds write in hfs. Fixed an integer overflow that may lead to an out-of-bounds write in squa... • https://access.redhat.com/security/cve/CVE-2024-45775 • CWE-252: Unchecked Return Value •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45774 – Grub2: reader/jpeg: heap oob write during jpeg parsing
https://notcve.org/view.php?id=CVE-2024-45774
18 Feb 2025 — Fixed an integer overflow in gettext. ... Fixed an integer overflow that may lead to an out-of-bounds write through the read command. ... Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in ufs. ... Fixed an integer overflow that may lead to an out-of-bounds write in hfs. Fixed an integer overflow that may lead to an out-of-bounds write in squa... • https://access.redhat.com/security/cve/CVE-2024-45774 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57256 – SUSE Security Advisory - SUSE-SU-2025:0989-1
https://notcve.org/view.php?id=CVE-2024-57256
18 Feb 2025 — An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. ... Integer overflow in U-Boot's ext4 symlink resolution function. Multiple integer overflows in U-Boot's memory allocator. • https://source.denx.de/u-boot/u-boot/-/commit/35f75d2a46e5859138c83a75cd2f4141c5479ab9 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57258 – SUSE Security Advisory - SUSE-SU-2025:0989-1
https://notcve.org/view.php?id=CVE-2024-57258
18 Feb 2025 — Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64. ... Integer overflow in U-Boot's ext4 symlink resolution function. Multiple integer overflows in U-Boot's memory allocator. • https://source.denx.de/u-boot/u-boot/-/commit/0a10b49206a29b4aa2f80233a3e53ca0466bb0b3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57255
https://notcve.org/view.php?id=CVE-2024-57255
18 Feb 2025 — An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. • https://source.denx.de/u-boot/u-boot/-/commit/233945eba63e24061dffeeaeb7cd6fe985278356 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57254
https://notcve.org/view.php?id=CVE-2024-57254
18 Feb 2025 — An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem. • https://source.denx.de/u-boot/u-boot/-/commit/c8e929e5758999933f9e905049ef2bf3fe6b140d • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11347 – Access of Resource Using Incompatible Type in Postscript interpreter
https://notcve.org/view.php?id=CVE-2024-11347
13 Feb 2025 — Integer Overflow or Wraparound vulnerability in Lexmark International CX, XC, CS, et. ... (Postscript interpreter modules) allows Forced Integer Overflow.The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34399
https://notcve.org/view.php?id=CVE-2023-34399
13 Feb 2025 — The version of boost library contains vulnerability integer overflow. • https://securelist.com/mercedes-benz-head-unit-security-research/115218 • CWE-190: Integer Overflow or Wraparound •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34406
https://notcve.org/view.php?id=CVE-2023-34406
13 Feb 2025 — A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. • https://securelist.com/mercedes-benz-head-unit-security-research/115218 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53880
https://notcve.org/view.php?id=CVE-2024-53880
12 Feb 2025 — NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. • https://nvidia.custhelp.com/app/answers/detail/a_id/5612 • CWE-190: Integer Overflow or Wraparound •