CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-48234 – overflow in nv_z_get_count in vim
https://notcve.org/view.php?id=CVE-2023-48234
When getting the count for a normal mode z command, it may overflow for large counts given. • http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/58f9befca1fa172068effad7f2ea5a9d6a7b0cca https://github.com/vim/vim/security/advisories/GHSA-59gw-c949-6phq https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/messag • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-48235 – overflow in ex address parsing in vim
https://notcve.org/view.php?id=CVE-2023-48235
Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. • http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/060623e4a3bc72b011e7cd92bedb3bfb64e06200 https://github.com/vim/vim/security/advisories/GHSA-6g74-hr6q-pr8g https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/messag • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-48236 – overflow in get_number in vim
https://notcve.org/view.php?id=CVE-2023-48236
When using the z= command, the user may overflow the count with values larger than MAX_INT. • http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/73b2d3790cad5694fc0ed0db2926e4220c48d968 https://github.com/vim/vim/security/advisories/GHSA-pr4c-932v-8hx5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/messag • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-48237 – overflow in shift_line in vim
https://notcve.org/view.php?id=CVE-2023-48237
In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. • http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/6bf131888a3d1de62bbfa8a7ea03c0ddccfd496e https://github.com/vim/vim/security/advisories/GHSA-f2m2-v387-gv87 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/messag • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22305
https://notcve.org/view.php?id=CVE-2023-22305
Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •