Total
357 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22308 | 1 Softether | 1 Vpn | 2024-11-21 | N/A | 7.5 HIGH |
| An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2023-21815 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2024-11-21 | N/A | 7.8 HIGH |
| Visual Studio Remote Code Execution Vulnerability | |||||
| CVE-2023-21718 | 1 Microsoft | 1 Sql Server | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-21708 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2023-21684 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.8 HIGH |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | |||||
| CVE-2023-21681 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-21630 | 1 Qualcomm | 84 Qca6391, Qca6391 Firmware, Qca6574 and 81 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal. | |||||
| CVE-2023-21556 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 8.1 HIGH |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | |||||
| CVE-2023-21527 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows iSCSI Service Denial of Service Vulnerability | |||||
| CVE-2022-4338 | 2 Debian, Openvswitch | 2 Debian Linux, Openvswitch | 2024-11-21 | N/A | 9.8 CRITICAL |
| An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | |||||
| CVE-2022-48804 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: vt_ioctl: fix array_index_nospec in vt_setactivate array_index_nospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console should be decreased first and then sanitized with array_index_nospec. Kasper Acknowledgements: Jakob Koschel, Brian Johannesmeyer, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida from the VUSec group at VU Amsterdam. | |||||
| CVE-2022-39343 | 1 Microsoft | 1 Azure Rtos Filex | 2024-11-21 | N/A | 5.6 MEDIUM |
| Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function an attempt to recover the previous failed write operation is taken by call of `_fx_fault_tolerant_apply_logs`. This function iterates through the log entries and performs required recovery operations. When properly crafted a log including entries of type `FX_FAULT_TOLERANT_DIR_LOG_TYPE` may be utilized to introduce unexpected behavior. This issue has been patched in version 6.2.0. A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA. | |||||
| CVE-2022-37301 | 1 Schneider-electric | 96 Modicon M340 Bmx P34-2010, Modicon M340 Bmx P34-2010 Firmware, Modicon M340 Bmx P34-2030 and 93 more | 2024-11-21 | N/A | 7.5 HIGH |
| A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior) | |||||
| CVE-2022-30787 | 3 Debian, Fedoraproject, Tuxera | 3 Debian Linux, Fedora, Ntfs-3g | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | |||||
| CVE-2022-2869 | 3 Debian, Fedoraproject, Libtiff | 3 Debian Linux, Fedora, Libtiff | 2024-11-21 | N/A | 5.5 MEDIUM |
| libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. | |||||
| CVE-2022-2867 | 3 Debian, Fedoraproject, Libtiff | 3 Debian Linux, Fedora, Libtiff | 2024-11-21 | N/A | 5.5 MEDIUM |
| libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. | |||||
| CVE-2022-2335 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
| A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. | |||||
| CVE-2022-28733 | 1 Gnu | 1 Grub2 | 2024-11-21 | N/A | 8.1 HIGH |
| Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer. | |||||
| CVE-2022-24046 | 1 Sonos | 3 One, S1, S2 | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd daemon. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15828. | |||||
| CVE-2022-23613 | 2 Fedoraproject, Neutrinolabs | 2 Fedora, Xrdp | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability has been patched in version 0.9.18.1 and above. Users are advised to upgrade. There are no known workarounds. | |||||