CVE-2023-24949 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24949
The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when performing a bounds check before reading from memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24949 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-24948 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24948
The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24948 • CWE-122: Heap-based Buffer Overflow •
CVE-2023-24945 – Windows iSCSI Target Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-24945
Windows iSCSI Target Service Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24945 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-31137 – MaraDNS Integer Underflow Vulnerability in DNS Packet Decompression
https://notcve.org/view.php?id=CVE-2023-31137
In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination. The vulnerability exists in the `decomp_get_rddata` function within the `Decompress.c` file. • https://github.com/samboy/MaraDNS/blob/08b21ea20d80cedcb74aa8f14979ec7c61846663/dns/Decompress.c#L886 https://github.com/samboy/MaraDNS/commit/bab062bde40b2ae8a91eecd522e84d8b993bab58 https://github.com/samboy/MaraDNS/security/advisories/GHSA-58m7-826v-9c3c https://lists.debian.org/debian-lts-announce/2023/06/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3VSMLJX25MXGQ6A7UPOGK7VPUVDESPHL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NB7 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2022-47489
https://notcve.org/view.php?id=CVE-2022-47489
In soter service, there is a possible out of bounds write due to a missing bounds check. • https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761 • CWE-190: Integer Overflow or Wraparound •