Common Weakness Enumeration

CWE-191

Allowed

Integer Underflow (Wrap or Wraparound)

Abstraction: Base · Status: Draft

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

640 vulnerabilities reference this CWE, most recent first.

GHSA-J8GQ-JMQ2-28CW

Vulnerability from github – Published: 2023-12-05 12:30 – Updated: 2023-12-05 12:30
VLAI
Details

An integer overflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-43628"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-05T12:15:43Z",
    "severity": "MODERATE"
  },
  "details": "An integer overflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.",
  "id": "GHSA-j8gq-jmq2-28cw",
  "modified": "2023-12-05T12:30:45Z",
  "published": "2023-12-05T12:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43628"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1860"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1860"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JFCR-39Q8-HMPX

Vulnerability from github – Published: 2022-05-13 01:05 – Updated: 2022-05-13 01:05
VLAI
Details

When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-9133"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-09T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn\u0027t check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file.",
  "id": "GHSA-jfcr-39q8-hmpx",
  "modified": "2022-05-13T01:05:21Z",
  "published": "2022-05-13T01:05:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9133"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4D55BLGBNWNIMNI5N57WDPAFQCUIM6XX"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VT5HBIKH64YRZFFAPXGOTHIQJHSTQJF7"
    },
    {
      "type": "WEB",
      "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34991"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JHF3-XXHW-2WPP

Vulnerability from github – Published: 2026-03-30 17:17 – Updated: 2026-03-31 18:50
VLAI
Summary
go-git: Maliciously crafted idx file can cause asymmetric memory consumption
Details

Impact

A vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service (DoS) condition.

Exploitation requires write access to the local repository's .git directory, it order to create or alter existing .idx files.

Patches

Users should upgrade to v5.17.1, or the latest v6 pseudo-version, in order to mitigate this vulnerability.

Credit

The go-git maintainers thank @kq5y for finding and reporting this issue privately to the go-git project.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.17.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-git/go-git/v5"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.17.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-34165"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-30T17:17:54Z",
    "nvd_published_at": "2026-03-31T15:16:17Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nA vulnerability has been identified in which a maliciously crafted `.idx` file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service (DoS) condition.\n\nExploitation requires write access to the local repository\u0027s `.git` directory, it order to create or alter existing `.idx` files. \n\n### Patches\n\nUsers should upgrade to `v5.17.1`, or the latest `v6` [pseudo-version](https://go.dev/ref/mod#pseudo-versions), in order to mitigate this vulnerability.\n\n### Credit\n\nThe go-git maintainers thank @kq5y for finding and reporting this issue privately to the `go-git` project.",
  "id": "GHSA-jhf3-xxhw-2wpp",
  "modified": "2026-03-31T18:50:40Z",
  "published": "2026-03-30T17:17:54Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34165"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/go-git/go-git"
    },
    {
      "type": "WEB",
      "url": "https://github.com/go-git/go-git/releases/tag/v5.17.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "go-git: Maliciously crafted idx file can cause asymmetric memory consumption"
}

GHSA-JJ4Q-6C47-CGGX

Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2025-10-22 00:32
VLAI
Details

Windows NTFS Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31956"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-08T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "Windows NTFS Elevation of Privilege Vulnerability",
  "id": "GHSA-jj4q-6c47-cggx",
  "modified": "2025-10-22T00:32:13Z",
  "published": "2022-05-24T19:04:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31956"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31956"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JJQX-M459-2X33

Vulnerability from github – Published: 2026-06-09 15:32 – Updated: 2026-06-09 15:32
VLAI
Details

A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-11789"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-09T14:16:37Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication.",
  "id": "GHSA-jjqx-m459-2x33",
  "modified": "2026-06-09T15:32:18Z",
  "published": "2026-06-09T15:32:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11789"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-11789"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2485422"
    },
    {
      "type": "WEB",
      "url": "https://redhat.atlassian.net/browse/PSIRTSUPT-7600"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JJVG-65V4-V3CQ

Vulnerability from github – Published: 2022-05-14 02:47 – Updated: 2024-10-21 18:30
VLAI
Details

Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an "Off-by-two" or "Out of bounds overwrite" memory error.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8370"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-12-16T21:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an \"Off-by-two\" or \"Out of bounds overwrite\" memory error.",
  "id": "GHSA-jjvg-65v4-v3cq",
  "modified": "2024-10-21T18:30:44Z",
  "published": "2022-05-14T02:47:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8370"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201512-03"
    },
    {
      "type": "WEB",
      "url": "http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/134831/Grub2-Authentication-Bypass.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2623.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2015/Dec/69"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2015/dsa-3421"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/12/15/6"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/01/15/3"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/537115/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/79358"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034422"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2836-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JM36-7355-XC6R

Vulnerability from github – Published: 2025-10-23 12:31 – Updated: 2025-10-23 12:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: qcom: bam_dma: fix runtime PM underflow

Commit dbad41e7bb5f ("dmaengine: qcom: bam_dma: check if the runtime pm enabled") caused unbalanced pm_runtime_get/put() calls when the bam is controlled remotely. This commit reverts it and just enables pm_runtime in all cases, the clk_* functions already just nop when the clock is NULL.

Also clean up a bit by removing unnecessary bamclk null checks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49650"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:40Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: qcom: bam_dma: fix runtime PM underflow\n\nCommit dbad41e7bb5f (\"dmaengine: qcom: bam_dma: check if the runtime pm enabled\")\ncaused unbalanced pm_runtime_get/put() calls when the bam is\ncontrolled remotely. This commit reverts it and just enables pm_runtime\nin all cases, the clk_* functions already just nop when the clock is NULL.\n\nAlso clean up a bit by removing unnecessary bamclk null checks.",
  "id": "GHSA-jm36-7355-xc6r",
  "modified": "2025-10-23T12:31:16Z",
  "published": "2025-10-23T12:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49650"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0ac9c3dd0d6fe293cd5044cfad10bec27d171e4e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2f6ded79068cac8cff41d5d5632564165d98ee12"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b702a1077b51fcb39507cc3bd39206f539319a96"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JM5C-RV3W-W83M

Vulnerability from github – Published: 2021-06-29 21:13 – Updated: 2025-01-30 14:38
VLAI
Summary
Denial of service in geth
Details

Impact

Denial-of-service (crash) during block processing

Details

Affected versions suffer from a vulnerability which can be exploited through the MULMOD operation, by specifying a modulo of 0: mulmod(a,b,0), causing a panic in the underlying library. The crash was in the uint256 library, where a buffer underflowed.

if `d == 0`, `dLen` remains `0`

and https://github.com/holiman/uint256/blob/4ce82e695c10ddad57215bdbeafb68b8c5df2c30/uint256.go#L451 will try to access index [-1].

The uint256 library was first merged in this commit, on 2020-06-08. Exploiting this vulnerabilty would cause all vulnerable nodes to drop off the network.

The issue was brought to our attention through a bug report, showing a panic occurring on sync from genesis on the Ropsten network.

It was estimated that the least obvious way to fix this would be to merge the fix into uint256, make a new release of that library and then update the geth-dependency.

  • https://github.com/holiman/uint256/releases/tag/v1.1.1 was made the same day,
  • PR to address the issue: https://github.com/holiman/uint256/pull/80
  • PR to update geth deps: https://github.com/ethereum/go-ethereum/pull/21368

Patches

Upgrade to v1.9.18 or higher

Workarounds

Not at this time

References

https://blog.ethereum.org/2020/11/12/geth_security_release/

For more information

If you have any questions or comments about this advisory: * Open an issue in go-ethereum * Email us at security@ethereum.org

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ethereum/go-ethereum"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.9.16"
            },
            {
              "fixed": "1.9.18"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/holiman/uint256"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.1.0"
            },
            {
              "fixed": "1.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26242"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-191",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-21T21:50:44Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\nDenial-of-service (crash) during block processing\n\n### Details\n\nAffected versions suffer from a vulnerability which can be exploited through the `MULMOD` operation, by specifying a modulo of `0`: `mulmod(a,b,0)`, causing a `panic` in the underlying library. \nThe crash was in the `uint256` library, where a buffer [underflowed](https://github.com/holiman/uint256/blob/4ce82e695c10ddad57215bdbeafb68b8c5df2c30/uint256.go#L442).\n\n\tif `d == 0`, `dLen` remains `0`\n\nand https://github.com/holiman/uint256/blob/4ce82e695c10ddad57215bdbeafb68b8c5df2c30/uint256.go#L451 will try to access index `[-1]`.\n\nThe `uint256` library was first merged in this [commit](https://github.com/ethereum/go-ethereum/commit/cf6674539c589f80031f3371a71c6a80addbe454), on 2020-06-08. \nExploiting this vulnerabilty would cause all vulnerable nodes to drop off the network. \n\nThe issue was brought to our attention through a [bug report](https://github.com/ethereum/go-ethereum/issues/21367), showing a `panic` occurring on sync from genesis on the Ropsten network.\n \nIt was estimated that the least obvious way to fix this would be to merge the fix into `uint256`, make a new release of that library and then update the geth-dependency.\n\n- https://github.com/holiman/uint256/releases/tag/v1.1.1 was made the same day, \n- PR to address the issue: https://github.com/holiman/uint256/pull/80 \n- PR to update geth deps: https://github.com/ethereum/go-ethereum/pull/21368 \n\n\n\n### Patches\n\nUpgrade to v1.9.18 or higher\n\n### Workarounds\n\nNot at this time\n\n### References\n\nhttps://blog.ethereum.org/2020/11/12/geth_security_release/\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [go-ethereum](https://github.com/ethereum/go-ethereum)\n* Email us at [security@ethereum.org](mailto:security@ethereum.org)\n",
  "id": "GHSA-jm5c-rv3w-w83m",
  "modified": "2025-01-30T14:38:53Z",
  "published": "2021-06-29T21:13:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-jm5c-rv3w-w83m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26242"
    },
    {
      "type": "WEB",
      "url": "https://github.com/holiman/uint256/pull/80"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/commit/7163a6664ee664df81b9028ab3ba13b9d65a7196"
    },
    {
      "type": "WEB",
      "url": "https://github.com/holiman/uint256/commit/6785da6e3eea403260a5760029e722aa4ff1716d"
    },
    {
      "type": "WEB",
      "url": "https://blog.ethereum.org/2020/11/12/geth_security_release"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ethereum/go-ethereum"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2021-0103"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of service in geth"
}

GHSA-JR2F-HW4R-48CJ

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-13 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/sun4i: dsi: Prevent underflow when computing packet sizes

Currently, the packet overhead is subtracted using unsigned arithmetic. With a short sync pulse, this could underflow and wrap around to near the maximal u16 value. Fix this by using signed subtraction. The call to max() will correctly handle any negative numbers that are produced.

Apply the same fix to the other timings, even though those subtractions are less likely to underflow.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50036"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:32Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sun4i: dsi: Prevent underflow when computing packet sizes\n\nCurrently, the packet overhead is subtracted using unsigned arithmetic.\nWith a short sync pulse, this could underflow and wrap around to near\nthe maximal u16 value. Fix this by using signed subtraction. The call to\nmax() will correctly handle any negative numbers that are produced.\n\nApply the same fix to the other timings, even though those subtractions\nare less likely to underflow.",
  "id": "GHSA-jr2f-hw4r-48cj",
  "modified": "2025-11-13T21:31:18Z",
  "published": "2025-06-18T12:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50036"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/82a1356a933d8443139f8886f11b63c974a09a67"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/98e28de472ef248352f04f87e29e634ebb0ec240"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a1e7908f78f5a7f53f8cd83c7dcdfec974c95f26"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fb837f5b83461624e525727a8f4add14b201147e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JVCR-J6X4-HH24

Vulnerability from github – Published: 2024-04-09 18:30 – Updated: 2024-04-09 18:30
VLAI
Details

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28933"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-09T17:15:54Z",
    "severity": "HIGH"
  },
  "details": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability",
  "id": "GHSA-jvcr-j6x4-hh24",
  "modified": "2024-04-09T18:30:27Z",
  "published": "2024-04-09T18:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28933"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28933"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.