CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38403 – iperf3: memory allocation hazard and crash
https://notcve.org/view.php?id=CVE-2023-38403
17 Jul 2023 — iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. An integer overflow flaw was found in the way iperf3 dynamically allocates memory buffers for JSON-formatted messages. A remote attacker could send a specially crafted sequence of bytes on the iperf3 control channel with a specified JSON message length of 0xffffffff to trigger an integer overflow leading the receiving process to abort due to heap corruption. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38427 – Ubuntu Security Notice USN-6466-1
https://notcve.org/view.php?id=CVE-2023-38427
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 2CVE-2022-24834 – Heap overflow issue with the Lua cjson library used by Redis
https://notcve.org/view.php?id=CVE-2022-24834
13 Jul 2023 — An attacker could possibly use this issue to trigger an integer overflow, which might cause Redis to allocate impossible amounts of memory, resulting in a denial of service via an application crash. • https://github.com/convisolabs/CVE-2022-24834 • CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21241
https://notcve.org/view.php?id=CVE-2023-21241
12 Jul 2023 — In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. • https://android.googlesource.com/platform/system/nfc/+/907d17eeefec6f672ea824e126406e6d8f6b56d8 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-3635 – Okio GzipSource unhandled exception Denial of Service
https://notcve.org/view.php?id=CVE-2023-3635
12 Jul 2023 — Issues addressed include code execution, denial of service, deserialization, and integer overflow vulnerabilities. • https://github.com/square/okio/commit/81bce1a30af244550b0324597720e4799281da7b • CWE-195: Signed to Unsigned Conversion Error CWE-248: Uncaught Exception CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2023-35312 – Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35312
11 Jul 2023 — Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35312 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-33158 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-33158
11 Jul 2023 — Microsoft Excel Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33158 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-35364 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35364
11 Jul 2023 — Windows Kernel Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35364 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.2EPSS: 0%CPEs: 13EXPL: 0CVE-2023-35341 – Microsoft DirectMusic Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-35341
11 Jul 2023 — Microsoft DirectMusic Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35341 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-35315 – Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35315
11 Jul 2023 — Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35315 • CWE-190: Integer Overflow or Wraparound •