CVE-2023-31102 – 7-Zip 7Z File Parsing Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-31102
Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive. 7-Zip through 22.01 on Linux allows an integer overflow and code execution via a crafted 7Z archive. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. • https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102 https://security.netapp.com/advisory/ntap-20231110-0007 https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269 https://www.7-zip.org/download.html https://www.zerodayinitiative.com/advisories/ZDI-23-1165 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2020-21699
https://notcve.org/view.php?id=CVE-2020-21699
The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 through 1.13.2 is vulnerable to an integer overflow in the nginx range filter module, resulting in the leakage of potentially sensitive information triggered by specially crafted requests. • https://github.com/ZxDecide/Nginx-variants/blob/master/%E9%99%84%E4%BB%B6%28Tengine%29.docx • CWE-190: Integer Overflow or Wraparound •
CVE-2020-19909
https://notcve.org/view.php?id=CVE-2020-19909
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. ... This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error. • https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves https://github.com/curl/curl/pull/4166 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-2914 – Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2023-2914
The Rockwell Automation ThinManager Thinserver is impacted by an improper input validation vulnerability: an integer overflow condition exists in the affected products. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •
CVE-2023-39125
https://notcve.org/view.php?id=CVE-2023-39125
NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmp_rw.c because a file's width, height, and BPP are not validated. • https://github.com/LMP88959/NTSC-CRT/issues/32 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •