CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24609
https://notcve.org/view.php?id=CVE-2023-24609
22 Dec 2023 — Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. • https://www.rambus.com/security/software-protocols/tls-toolkit • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48298 – Integer underflow leading to stack overflow in FPC codec decompression
https://notcve.org/view.php?id=CVE-2023-48298
21 Dec 2023 — This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. • https://github.com/ClickHouse/ClickHouse/pull/56795 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-43826 – Apache Guacamole: Integer overflow in handling of VNC image buffers
https://notcve.org/view.php?id=CVE-2023-43826
19 Dec 2023 — Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. • http://www.openwall.com/lists/oss-security/2023/12/19/4 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-46804 – Ivanti Avalanche WLAvalancheService Integer Underflow Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-46804
19 Dec 2023 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before reading from memory. • https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4320 – Satellite: arithmetic overflow in satellite
https://notcve.org/view.php?id=CVE-2023-4320
18 Dec 2023 — An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity. • https://access.redhat.com/errata/RHSA-2024:2010 • CWE-613: Insufficient Session Expiration •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44709
https://notcve.org/view.php?id=CVE-2023-44709
14 Dec 2023 — PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory. • https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 0CVE-2023-6478 – Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
https://notcve.org/view.php?id=CVE-2023-6478
13 Dec 2023 — A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before validating a buffer. • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-35632 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35632
12 Dec 2023 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Controlador de función auxiliar de Windows para la vulnerabilidad de elevación de privilegios de WinSock • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35632 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-35644 – Windows Sysmain Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35644
12 Dec 2023 — Windows Sysmain Service Elevation of Privilege Elevación de privilegios del Servicio Windows Sysmain Windows Sysmain Service Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35644 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48409
https://notcve.org/view.php?id=CVE-2023-48409
08 Dec 2023 — In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-190: Integer Overflow or Wraparound •