CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21646 – Azure IoT Platform Device SDK Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21646
When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. • https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47996
https://notcve.org/view.php?id=CVE-2023-47996
An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47996 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47994
https://notcve.org/view.php?id=CVE-2023-47994
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47994 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47992
https://notcve.org/view.php?id=CVE-2023-47992
An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47992 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32650
https://notcve.org/view.php?id=CVE-2023-32650
An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1777 • CWE-190: Integer Overflow or Wraparound •