CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4722 – Integer Overflow or Wraparound in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-4722
01 Sep 2023 — Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV. Un Desbordamiento de Enteros o Wraparound en el repositorio de GitHub gpac/gpac versiones anteriores a 2.3-DEV. • https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36326
https://notcve.org/view.php?id=CVE-2023-36326
01 Sep 2023 — Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function. • https://github.com/relic-toolkit/relic/commit/34580d840469361ba9b5f001361cad659687b9ab • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36327
https://notcve.org/view.php?id=CVE-2023-36327
01 Sep 2023 — Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bn_get_prime function. • https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-36328 – Ubuntu Security Notice USN-6402-2
https://notcve.org/view.php?id=CVE-2023-36328
01 Sep 2023 — Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). • https://github.com/libtom/libtommath/pull/546 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 1CVE-2023-40186 – IntegerOverflow leading to Out-Of-Bound Write Vulnerability in FreeRDP
https://notcve.org/view.php?id=CVE-2023-40186
31 Aug 2023 — An integer overflow vulnerability was found in the `gdi_CreateSurface` function in FreeRDP, which may result in a crash. • https://github.com/FreeRDP/FreeRDP/blob/fee2b10ba1154f952769a53eb608f044782e22f8/libfreerdp/gdi/gfx.c#L1156-L1165 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 1CVE-2023-40181 – Integer-Underflow leading to Out-Of-Bound Read in FreeRDP
https://notcve.org/view.php?id=CVE-2023-40181
31 Aug 2023 — Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the `zgfx_decompress_segment` function. • https://github.com/FreeRDP/FreeRDP/blob/2252d53001d9ce8a452f0a0a5b1f5ed9db6d57f1/libfreerdp/codec/zgfx.c#L256-L261 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-39350 – Incorrect offset calculation leading to denial of service in FreeRDP
https://notcve.org/view.php?id=CVE-2023-39350
31 Aug 2023 — Integer underflow leading to DOS (e.g. abort due to `WINPR_ASSERT` with default compilation flags). When an insufficient blockLen is provided, and proper length validation is not performed, an Integer Underflow occurs, leading to a Denial of Service (DOS) vulnerability. ... When an insufficient blockLen value is provided and proper length validation is not performed, an Integer Underflow can occur, leading to a Denial of Service (DOS). • https://github.com/FreeRDP/FreeRDP/commit/e204fc8be5a372626b13f66daf2abafe71dbc2dc • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41185 – Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-41185
30 Aug 2023 — Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. ... When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. ... When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. • https://www.zerodayinitiative.com/advisories/ZDI-23-1286 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40022 – Rizin vulnerable to Integer Overflow in C++ demangler logic
https://notcve.org/view.php?id=CVE-2023-40022
24 Aug 2023 — Versions 0.6.0 and prior are vulnerable to integer overflow in `consume_count` of `src/gnu_v2/cplus-dem.c`. • https://github.com/rizinorg/rizin/pull/3753 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31102 – 7-Zip 7Z File Parsing Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-31102
23 Aug 2023 — Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive. 7-Zip hasta 22.01 en Linux permite un desbordamiento de números enteros y la ejecución de código a través de un archivo 7Z manipulado. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. • https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102 • CWE-191: Integer Underflow (Wrap or Wraparound) •