Total
2491 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48236 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | N/A | 2.8 LOW |
| Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit `73b2d379` which has been included in release version 9.0.2111. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-48235 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | N/A | 2.8 LOW |
| Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `060623e` which has been included in release version 9.0.2110. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-48234 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | N/A | 2.8 LOW |
| Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `58f9befca1` which has been included in release version 9.0.2109. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-48233 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | N/A | 2.8 LOW |
| Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `ac6378773` which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-47996 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 6.5 MEDIUM |
| An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service. | |||||
| CVE-2023-47994 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 8.8 HIGH |
| An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. | |||||
| CVE-2023-47992 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 8.8 HIGH |
| An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code. | |||||
| CVE-2023-47212 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-46246 | 1 Vim | 1 Vim | 2024-11-21 | N/A | 4.0 MEDIUM |
| Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. | |||||
| CVE-2023-46228 | 1 Zchunk | 1 Zchunk | 2024-11-21 | N/A | 7.8 HIGH |
| zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c. | |||||
| CVE-2023-45742 | 2 Level1, Realtek | 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit | 2024-11-21 | N/A | 7.2 HIGH |
| An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2023-45681 | 1 Nothings | 1 Stb Vorbis.c | 2024-11-21 | N/A | 7.3 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution. | |||||
| CVE-2023-44709 | 1 Sammycage | 1 Plutosvg | 2024-11-21 | N/A | 9.8 CRITICAL |
| PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory. | |||||
| CVE-2023-44443 | 2024-11-21 | N/A | 7.8 HIGH | ||
| GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22096. | |||||
| CVE-2023-43826 | 1 Apache | 1 Guacamole | 2024-11-21 | N/A | 7.5 HIGH |
| Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.5.4, which fixes this issue. | |||||
| CVE-2023-43787 | 3 Fedoraproject, Redhat, X.org | 3 Fedora, Enterprise Linux, Libx11 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges. | |||||
| CVE-2023-43550 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem. | |||||
| CVE-2023-43545 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
| Memory corruption when more scan frequency list or channels are sent from the user space. | |||||
| CVE-2023-43530 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Memory corruption in HLOS while checking for the storage type. | |||||
| CVE-2023-42752 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers. | |||||