CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57255
https://notcve.org/view.php?id=CVE-2024-57255
18 Feb 2025 — An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. • https://source.denx.de/u-boot/u-boot/-/commit/233945eba63e24061dffeeaeb7cd6fe985278356 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57254
https://notcve.org/view.php?id=CVE-2024-57254
18 Feb 2025 — An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem. • https://source.denx.de/u-boot/u-boot/-/commit/c8e929e5758999933f9e905049ef2bf3fe6b140d • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57258
https://notcve.org/view.php?id=CVE-2024-57258
18 Feb 2025 — Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64. • https://source.denx.de/u-boot/u-boot/-/commit/0a10b49206a29b4aa2f80233a3e53ca0466bb0b3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57256
https://notcve.org/view.php?id=CVE-2024-57256
18 Feb 2025 — An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. • https://source.denx.de/u-boot/u-boot/-/commit/35f75d2a46e5859138c83a75cd2f4141c5479ab9 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-11347 – Access of Resource Using Incompatible Type in Postscript interpreter
https://notcve.org/view.php?id=CVE-2024-11347
13 Feb 2025 — Integer Overflow or Wraparound vulnerability in Lexmark International CX, XC, CS, et. ... (Postscript interpreter modules) allows Forced Integer Overflow.The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-34399
https://notcve.org/view.php?id=CVE-2023-34399
13 Feb 2025 — The version of boost library contains vulnerability integer overflow. • https://securelist.com/mercedes-benz-head-unit-security-research/115218 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-34406
https://notcve.org/view.php?id=CVE-2023-34406
13 Feb 2025 — A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. • https://securelist.com/mercedes-benz-head-unit-security-research/115218 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53880
https://notcve.org/view.php?id=CVE-2024-53880
12 Feb 2025 — NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. • https://nvidia.custhelp.com/app/answers/detail/a_id/5612 • CWE-190: Integer Overflow or Wraparound •
CVSS: 2.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-20507
https://notcve.org/view.php?id=CVE-2023-20507
11 Feb 2025 — An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21376 – Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21376
11 Feb 2025 — Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21376 • CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •