Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

This is a PoC exploit for CVE-2024-38063, a 0-day vulnerability...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

Real POC published https://github.com/ynwarcs/CVE-2024-38063 and...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

Real POC published https://github.com/ynwarcs/CVE-2024-38063 and...

Medium: rapidjson

Issue Overview: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this...

Medium: rapidjson

Issue Overview: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this...

Amazon Linux 2023 : rapidjson-devel (ALAS2023-2024-684)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-684 advisory. Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An...

CBL Mariner 2.0 Security Update: qemu (CVE-2022-3165)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3165 advisory. - An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the...

OESA-2024-1857 rapidjson security update

RapidJSON as a fast JSON parser which generator for c++. Its inspired by RapidXML. Its supports both SAX & DOM style API. Its small but complete. Its fast, Its preformance can be comparabel to strlen. Its self-contained. It doesnt depend on external libraries such as BOOST. Its Unicode and memory...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-2017)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-2016)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.1 : qemu (EulerOS-SA-2024-2017)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length i...

CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

CVE-2022-48804 vt_ioctl: fix array_index_nospec in vt_setactivate

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

CVE-2022-48804

CVE-2022-48804 is resolved in the Linux kernel’s vt_ioctl/vt_setactivate path. The vulnerability stems from an array_index_nospec handling that could allow a transient integer underflow when an out-of-bounds value is decremented after zero, specifically affecting vsa.console handling. The descrip...

CVE-2024-38517

A flaw was found in rapidjson. Processing a crafted JSON text from a stream can cause an integer overflow in the GenericReader::ParseNumber function in the include/rapidjson/reader.h file, resulting in escalation of privileges. Mitigation Do not process or parse untrusted JSON text with rapidjson...

AZL-45330 CVE-2024-38517 affecting package opencc 1.1.1-3

Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...

DEBIAN-CVE-2024-38517

Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...