CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22051 – CommonMarker Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2024-22051
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns. • https://github.com/advisories/GHSA-fmx4-26r3-wxpf https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21631 – Integer overflow in URI leading to potential host spoofing
https://notcve.org/view.php?id=CVE-2024-21631
Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs. ... By padding the port number with zeros, an attacker can cause an integer overflow to occur when the URL authority is parsed and, as a result, spoof the host. • https://github.com/vapor/vapor/commit/6db3d917b5ce5024a84eb265ef65691383305d70 https://github.com/vapor/vapor/security/advisories/GHSA-r6r4-5pr8-gjcp • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound CWE-1104: Use of Unmaintained Third Party Components •
CVSS: 7.8EPSS: 0%CPEs: 294EXPL: 0CVE-2023-33038 – Integer Overflow or Wraparound in Radio Interface Layer
https://notcve.org/view.php?id=CVE-2023-33038
Memory corruption while receiving a message in Bus Socket Transport Server. Corrupción de la memoria al recibir un mensaje en Bus Socket Transport Server. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 240EXPL: 0CVE-2023-33032 – Integer Overflow or Wraparound in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-33032
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Corrupción de la memoria en TZ Secure OS al solicitar una asignación de memoria de la región TA. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 23EXPL: 0CVE-2023-32881
https://notcve.org/view.php?id=CVE-2023-32881
In battery, there is a possible information disclosure due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-190: Integer Overflow or Wraparound •