CVE-2024-10917 – Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength
https://notcve.org/view.php?id=CVE-2024-10917
In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters. • https://github.com/eclipse-openj9/openj9/pull/20362 https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0 https://gitlab.eclipse.org/security/cve-assignement/-/issues/47 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-46953
https://notcve.org/view.php?id=CVE-2024-46953
An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. • https://bugs.ghostscript.com/show_bug.cgi?id=707793 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=1f21a45df0fa3abec4cff12951022b192dda3c00 https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-46613
https://notcve.org/view.php?id=CVE-2024-46613
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. • https://github.com/weechat/weechat/issues/2178 https://weechat.org/doc/weechat/security/WSA-2024-1 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-38422 – Integer Overflow to Buffer Overflow in Audio
https://notcve.org/view.php?id=CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVE-2024-48289
https://notcve.org/view.php?id=CVE-2024-48289
An issue in the Bluetooth Low Energy implementation of Cypress Bluetooth SDK v3.66 allows attackers to cause a Denial of Service (DoS) by supplying a crafted LL_PAUSE_ENC_REQ packet. • https://community.infineon.com/t5/PSoC-4/BLE-SDK-Integer-Overflow/m-p/888037#M49108 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •