CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2023-33059 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33059
Memory corruption in Audio while processing the VOC packet data from ADSP. Corrupción de la memoria en Audio mientras se procesan los datos del paquete VOC desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47360
https://notcve.org/view.php?id=CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length. • https://0xariana.github.io/blog/real_bugs/vlc/mms https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2023-32836
https://notcve.org/view.php?id=CVE-2023-32836
In display, there is a possible out of bounds write due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5849
https://notcve.org/view.php?id=CVE-2023-5849
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html https://crbug.com/1492384 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBA4KD5ZSV6XWWFLVR5UBYKKNOYMH33H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V https://security.gentoo.org/glsa/202311-11 https://secu • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21375
https://notcve.org/view.php?id=CVE-2023-21375
In Sysproxy, there is a possible out of bounds write due to an integer underflow. • https://source.android.com/docs/security/bulletin/android-14 • CWE-190: Integer Overflow or Wraparound •