
CVE-2025-20128 – ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20128
22 Jan 2025 — This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. • https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •

CVE-2024-49749
https://notcve.org/view.php?id=CVE-2024-49749
21 Jan 2025 — In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/2025-01-01 • CWE-787: Out-of-bounds Write •

CVE-2024-57938 – net/sctp: Prevent autoclose integer overflow in sctp_association_init()
https://notcve.org/view.php?id=CVE-2024-57938
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctp_association_init() While by default max_autoclose equals to INT_MAX / HZ, one may set net.sctp.max_autoclose to UINT_MAX... • https://git.kernel.org/stable/c/9f70f46bd4c7267d48ef461a1d613ec9ec0d520c •

CVE-2018-9387
https://notcve.org/view.php?id=CVE-2018-9387
17 Jan 2025 — In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2018-06-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2024-57890 – RDMA/uverbs: Prevent integer overflow issue
https://notcve.org/view.php?id=CVE-2024-57890
15 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. ... The "cmd.sge_count * sizeof(struct ib_uverbs_sge)" multiplication can also overflow on 32bit systems although it's fine on 64bit systems. • https://git.kernel.org/stable/c/67cdb40ca444c09853ab4d8a41cf547ac26a4de4 • CWE-190: Integer Overflow or Wraparound •

CVE-2025-0448 – Debian Security Advisory 5844-1
https://notcve.org/view.php?id=CVE-2025-0448
15 Jan 2025 — Inappropriate implementation in Navigation. Integer overflow in Skia. Out of bounds read in Metrics. Stack buffer overflow in Tracing. Race in Frames. • https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2025-0447 – Debian Security Advisory 5844-1
https://notcve.org/view.php?id=CVE-2025-0447
15 Jan 2025 — Inappropriate implementation in Navigation. Integer overflow in Skia. Out of bounds read in Metrics. Stack buffer overflow in Tracing. Race in Frames. • https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2025-0446 – Debian Security Advisory 5844-1
https://notcve.org/view.php?id=CVE-2025-0446
15 Jan 2025 — Inappropriate implementation in Navigation. Integer overflow in Skia. Out of bounds read in Metrics. Stack buffer overflow in Tracing. Race in Frames. • https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •

CVE-2025-0443 – Debian Security Advisory 5844-1
https://notcve.org/view.php?id=CVE-2025-0443
15 Jan 2025 — Inappropriate implementation in Navigation. Integer overflow in Skia. Out of bounds read in Metrics. Stack buffer overflow in Tracing. Race in Frames. • https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2025-0442 – Debian Security Advisory 5844-1
https://notcve.org/view.php?id=CVE-2025-0442
15 Jan 2025 — Inappropriate implementation in Navigation. Integer overflow in Skia. Out of bounds read in Metrics. Stack buffer overflow in Tracing. Race in Frames. • https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html • CWE-290: Authentication Bypass by Spoofing •