CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-24474
https://notcve.org/view.php?id=CVE-2024-24474
QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. • https://gist.github.com/1047524396/5ce07b9d387095c276b1cd234ae5615e https://github.com/qemu/qemu/commit/77668e4b9bca03a856c27ba899a2513ddf52bb52 https://gitlab.com/qemu-project/qemu/-/issues/1810 https://security.netapp.com/advisory/ntap-20240510-0012 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 2.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-1633 – FIP Header Integer Overflow
https://notcve.org/view.php?id=CVE-2024-1633
Because of the way of reading from the image, which base on 32-bit unsigned integer value, it can result to an integer overflow. • https://asrg.io/security-advisories/CVE-2024-1633 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1580 – Integer overflow in VideoLAN dav1d
https://notcve.org/view.php?id=CVE-2024-1580
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. ... There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write. • http://seclists.org/fulldisclosure/2024/Mar/36 http://seclists.org/fulldisclosure/2024/Mar/37 http://seclists.org/fulldisclosure/2024/Mar/38 http://seclists.org/fulldisclosure/2024/Mar/39 http://seclists.org/fulldisclosure/2024/Mar/40 http://seclists.org/fulldisclosure/2024/Mar/41 https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS https://code.videolan.org/videolan/dav1d/-/releases/1.4.0 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorap • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-20730 – TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability
https://notcve.org/view.php?id=CVE-2024-20730
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb24-07.html https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1906 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 24EXPL: 0CVE-2024-21420 – Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21420
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Proveedor Microsoft WDAC OLE DB para la vulnerabilidad de ejecución remota de código de SQL Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21420 • CWE-190: Integer Overflow or Wraparound •