CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40548 – Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems
https://notcve.org/view.php?id=CVE-2023-40548
29 Jan 2024 — A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase. Se encontró un desbordamiento de búfer en Shim en el sistema de 32 bits. • https://access.redhat.com/errata/RHSA-2024:1834 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52389
https://notcve.org/view.php?id=CVE-2023-52389
27 Jan 2024 — UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. • https://github.com/pocoproject/poco/compare/poco-1.12.5p2-release...poco-1.13.0-release • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22860
https://notcve.org/view.php?id=CVE-2024-22860
27 Jan 2024 — Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61991 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22861
https://notcve.org/view.php?id=CVE-2024-22861
27 Jan 2024 — Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. • https://github.com/FFmpeg/FFmpeg/commit/87b8c1081959e45ffdcbabb3d53ac9882ef2b5ce • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22862
https://notcve.org/view.php?id=CVE-2024-22862
27 Jan 2024 — Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62113 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23307 – Integer overflow in raid5_cache_count in Linux kernel
https://notcve.org/view.php?id=CVE-2024-23307
25 Jan 2024 — Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. Desbordamiento de enteros o vulnerabilidad Wraparound en el kernel de Linux en Linux, x86, ARM (módulos md, raid, raid5) permite el desbordamiento de enteros forzado. • https://bugzilla.openanolis.cn/show_bug.cgi?id=7975 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0808 – Debian Security Advisory 5607-1
https://notcve.org/view.php?id=CVE-2024-0808
23 Jan 2024 — Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23848 – kernel: use-after-free in cec_queue_msg_fh
https://notcve.org/view.php?id=CVE-2024-23848
23 Jan 2024 — Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. • https://lore.kernel.org/lkml/e9f42704-2f99-4f2c-ade5-f952e5fd53e5%40xs4all.nl • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-22211 – FreeRDP integer Overflow leading to Heap Overflow
https://notcve.org/view.php?id=CVE-2024-22211
19 Jan 2024 — In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. ... An integer overflow within freerdp_bitmap_planar_context_reset results in a heap-buffer overflow. • https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-33631 – Kernel crash in EXT4 filesystem
https://notcve.org/view.php?id=CVE-2021-33631
18 Jan 2024 — Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0. ... A flaw was found in the openEuler kernel in Linux filesystem modules that allows an integer overflow via mounting a corrupted filesystem. • http://www.openwall.com/lists/oss-security/2024/01/30/10 • CWE-190: Integer Overflow or Wraparound •