CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28902 – Denial of Service via integer underflow in picserver
https://notcve.org/view.php?id=CVE-2023-28902
28 Jun 2025 — An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28903
https://notcve.org/view.php?id=CVE-2023-28903
28 Jun 2025 — An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28908 – Integer Overflow in Non-Fragmented Data Reception
https://notcve.org/view.php?id=CVE-2023-28908
28 Jun 2025 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28909 – Integer Overflow Leading to MTU Bypass
https://notcve.org/view.php?id=CVE-2023-28909
28 Jun 2025 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. ... Consequently, this can lead to a buffer overflow in upper layer profiles, which can be used to obtain remote code execution. Consequently... • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1991 – IBM Informix Dynamic Server denial of service
https://notcve.org/view.php?id=CVE-2025-1991
28 Jun 2025 — IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets. • https://www.ibm.com/support/pages/node/7238455 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-6603 – coldfunction qCUDA qcow.c qcow_make_empty integer overflow
https://notcve.org/view.php?id=CVE-2025-6603
25 Jun 2025 — The manipulation of the argument s->l1_size leads to integer overflow. ... Dank Manipulation des Arguments s->l1_size mit unbekannten Daten kann eine integer overflow-Schwachstelle ausgenutzt werden. • https://github.com/coldfunction/qCUDA/issues/10 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-52471 – ESP-NOW Integer Underflow Vulnerability Advisory
https://notcve.org/view.php?id=CVE-2025-52471
24 Jun 2025 — An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. ... In versions 5.4.2, 5.3.4, 5.2.6, and 5.1.6, ESP-NOW has added more comprehensive validation logic on user-supplied data length during packet reception to prevent integer underflow caused by negative value calculations. • https://github.com/espressif/esp-idf/commit/b1a379d57430d265a53aca13d59ddfbf2e7ac409 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52566 – llama.cpp tokenizer signed vs. unsigned heap overflow
https://notcve.org/view.php?id=CVE-2025-52566
24 Jun 2025 — Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation (llama_vocab::tokenize) (src/llama-vocab.cpp:3036) resulting in unintended behavior in tokens copying size comparison. • https://github.com/ggml-org/llama.cpp/commit/dd6e6d0b6a4bbe3ebfc931d1eb14db2f2b1d70af • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-195: Signed to Unsigned Conversion Error •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52935 – Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly
https://notcve.org/view.php?id=CVE-2025-52935
23 Jun 2025 — Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly (src/redis/lua/struct modules). • https://github.com/dragonflydb/dragonfly/commit/473e002c848eb312f23d84114eb4951a7c4af5a1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-6191
https://notcve.org/view.php?id=CVE-2025-6191
18 Jun 2025 — Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. • https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html • CWE-190: Integer Overflow or Wraparound CWE-472: External Control of Assumed-Immutable Web Parameter •