CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2023-37536 – HCL BigFix Platform is vulnerable to an integer overflow in xerces-c++ 3.2.3
https://notcve.org/view.php?id=CVE-2023-37536
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. ... An integer overflow exists in xerces-c++. This flaw allows an attacker using a specially crafted HTTP request payload to trigger an out-of-bounds read, resulting in a loss of confidentiality, integrity, and availability. • https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJYZUBGPVWJ7LEHRCMB5XVADQBNGURXD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAOSSJ72CUJ535VRWTCVQKUYT2LYR3OM https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107791 https://access.redhat.com/security • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-36785 – Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36785
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Microsoft ODBC Driver para SQL Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-36576 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36576
Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del kernel de Windows The Microsoft Windows kernel suffers from a containerized registry escape through integer overflows in VrpBuildKeyPath and other weaknesses. • http://packetstormsecurity.com/files/175659/Windows-Kernel-Containerized-Registry-Escape.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36576 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 16EXPL: 0CVE-2023-36582 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36582
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-36593 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36593
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593 • CWE-190: Integer Overflow or Wraparound •