CVSS: 9.0EPSS: 2%CPEs: 4EXPL: 0CVE-2023-37536 – HCL BigFix Platform is vulnerable to an integer overflow in xerces-c++ 3.2.3
https://notcve.org/view.php?id=CVE-2023-37536
11 Oct 2023 — An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. ... An integer overflow exists in xerces-c++. • https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-36785 – Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36785
10 Oct 2023 — Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Microsoft ODBC Driver para SQL Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2023-36576 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36576
10 Oct 2023 — Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del kernel de Windows The Microsoft Windows kernel suffers from a containerized registry escape through integer overflows in VrpBuildKeyPath and other weaknesses. • https://packetstorm.news/files/id/175659 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 16EXPL: 0CVE-2023-36582 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36582
10 Oct 2023 — Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-36593 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36593
10 Oct 2023 — Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2023-36478 – HTTP/2 HPACK integer overflow and buffer allocation
https://notcve.org/view.php?id=CVE-2023-36478
10 Oct 2023 — In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. ... In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. • http://www.openwall.com/lists/oss-security/2023/10/18/4 • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44378 – gnark vulnerable to unsoundness in variable comparison/non-unique binary decomposition
https://notcve.org/view.php?id=CVE-2023-44378
09 Oct 2023 — gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of `a`, for small values there exists a second decomposition for `a+r` (where `r` is the modulus the values are being reduced by). The second decomposition was possible due to overflowing the field where the values are defined. Upgrading to version 0.9.0 should fix the issue wit... • https://github.com/Consensys/gnark/commit/59a4087261a6c73f13e80d695c17b398c3d0934f • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-697: Incorrect Comparison •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 1CVE-2023-5441 – NULL Pointer Dereference in vim/vim
https://notcve.org/view.php?id=CVE-2023-5441
05 Oct 2023 — It was discovered that Vim contained an arithmetic overflow. • https://github.com/vim/vim/commit/20d161ace307e28690229b68584f2d84556f8960 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-41175 – Libtiff: potential integer overflow in raw2tiff.c
https://notcve.org/view.php?id=CVE-2023-41175
05 Oct 2023 — A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. • https://access.redhat.com/errata/RHSA-2024:2289 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40745 – Libtiff: integer overflow in tiffcp.c
https://notcve.org/view.php?id=CVE-2023-40745
05 Oct 2023 — LibTIFF is vulnerable to an integer overflow. • https://access.redhat.com/errata/RHSA-2024:2289 • CWE-190: Integer Overflow or Wraparound •