CVE-2023-38127
https://notcve.org/view.php?id=CVE-2023-38127
An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. • https://jvn.jp/en/jp/JVN28846531/index.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1808 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-46228
https://notcve.org/view.php?id=CVE-2023-46228
zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c. zchunk anterior a 1.3.2 tiene múltiples desbordamientos de enteros a través de archivos zchunk con formato incorrecto a lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c o lib/header.c. • https://bugzilla.suse.com/show_bug.cgi?id=1216268 https://github.com/zchunk/zchunk/commit/08aec2b4dfd7f709b6e3d511411ffcc83ed4efbe https://github.com/zchunk/zchunk/compare/1.3.1...1.3.2 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-45853 – zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6
https://notcve.org/view.php?id=CVE-2023-45853
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. ... This may allow an attacker to craft a malicious ZIP file that will lead to an overflow on the length field. This value is further used in memory allocations and indexing, which can cause an out-of-bounds write, leading to heap corruption and possible arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/10/20/9 http://www.openwall.com/lists/oss-security/2024/01/24/10 https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356 https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61 https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4 https://github.com/madler/zlib/pull/843 https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html https: • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVE-2023-42752 – Kernel: integer overflow in igmpv3_newpack leading to exploitable memory access
https://notcve.org/view.php?id=CVE-2023-42752
An integer overflow flaw was found in the Linux kernel. • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://access.redhat.com/security/cve/CVE-2023-42752 https://bugzilla.redhat.com/show_bug.cgi?id=2239828 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=915d975b2ffa https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c3b704d4a4a2 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-22308
https://notcve.org/view.php?id=CVE-2023-22308
An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1737 • CWE-191: Integer Underflow (Wrap or Wraparound) •