CVE-2023-32850
https://notcve.org/view.php?id=CVE-2023-32850
In decoder, there is a possible out of bounds write due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-6345 – Google Skia Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-6345
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. ... (Severidad de seguridad de Chrome: alta) Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a malicious file. • https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html https://crbug.com/1505053 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T7ABNYMOI4ZHVCSPCNP7HQTOLGF53A2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJROPNKWW65R34J4IYGTJ7A3OBPUL4IQ https://security.gentoo.org/glsa/202401-34 https://www& • CWE-190: Integer Overflow or Wraparound •
CVE-2023-4398
https://notcve.org/view.php?id=CVE-2023-4398
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet. • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps • CWE-190: Integer Overflow or Wraparound •
CVE-2021-27504 – Texas Instruments FREERTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27504
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 https://www.ti.com/tool/TI-RTOS-MCU • CWE-190: Integer Overflow or Wraparound •
CVE-2021-27502 – Texas Instruments TI-RTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27502
Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 https://www.ti.com/tool/TI-RTOS-MCU • CWE-190: Integer Overflow or Wraparound •