CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4320 – Satellite: arithmetic overflow in satellite
https://notcve.org/view.php?id=CVE-2023-4320
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity. • https://access.redhat.com/errata/RHSA-2024:2010 https://access.redhat.com/security/cve/CVE-2023-4320 https://bugzilla.redhat.com/show_bug.cgi?id=2231814 • CWE-613: Insufficient Session Expiration •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44709
https://notcve.org/view.php?id=CVE-2023-44709
PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory. • https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709 https://github.com/sammycage/plutosvg/issues/7 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.6EPSS: 0%CPEs: 17EXPL: 0CVE-2023-6478 – Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
https://notcve.org/view.php?id=CVE-2023-6478
A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before validating a buffer. • http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/errata/RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0017 https://access.redhat.com& • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-35632 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35632
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Controlador de función auxiliar de Windows para la vulnerabilidad de elevación de privilegios de WinSock • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35632 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-35644 – Windows Sysmain Service Elevation of Privilege
https://notcve.org/view.php?id=CVE-2023-35644
Windows Sysmain Service Elevation of Privilege Elevación de privilegios del Servicio Windows Sysmain • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35644 • CWE-190: Integer Overflow or Wraparound •