CWE-191
Integer Underflow (Wrap or Wraparound)
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
CVE-2021-37706 (GCVE-0-2021-37706)
Vulnerability from cvelistv5
Published
2021-12-22 00:00
Modified
2025-11-04 16:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:09:17.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/pjsip/pjproject/security/advisories/GHSA-2qpg-f6wf-w984"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/pjsip/pjproject/commit/15663e3f37091069b8c98a7fce680dc04bc8e865"
},
{
"name": "20220304 AST-2022-004: pjproject: integer underflow on STUN message",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/0"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html"
},
{
"name": "[debian-lts-announce] 20220328 [SECURITY] [DLA 2962-1] pjproject security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"
},
{
"name": "GLSA-202210-37",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-37"
},
{
"name": "[debian-lts-announce] 20221117 [SECURITY] [DLA 3194-1] asterisk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"
},
{
"name": "DSA-5285",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5285"
},
{
"name": "[debian-lts-announce] 20230829 [SECURITY] [DLA 3549-1] ring security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "pjproject",
"vendor": "pjsip",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.11.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim\u2019s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim\u2019s machine. Users are advised to upgrade as soon as possible. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-30T00:06:40.686Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/pjsip/pjproject/security/advisories/GHSA-2qpg-f6wf-w984"
},
{
"url": "https://github.com/pjsip/pjproject/commit/15663e3f37091069b8c98a7fce680dc04bc8e865"
},
{
"name": "20220304 AST-2022-004: pjproject: integer underflow on STUN message",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/0"
},
{
"url": "http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html"
},
{
"name": "[debian-lts-announce] 20220328 [SECURITY] [DLA 2962-1] pjproject security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"
},
{
"name": "GLSA-202210-37",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-37"
},
{
"name": "[debian-lts-announce] 20221117 [SECURITY] [DLA 3194-1] asterisk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"
},
{
"name": "DSA-5285",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5285"
},
{
"name": "[debian-lts-announce] 20230829 [SECURITY] [DLA 3549-1] ring security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"
}
],
"source": {
"advisory": "GHSA-2qpg-f6wf-w984",
"discovery": "UNKNOWN"
},
"title": "Potential integer underflow upon receiving STUN message in PJSIP"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-37706",
"datePublished": "2021-12-22T00:00:00.000Z",
"dateReserved": "2021-07-29T00:00:00.000Z",
"dateUpdated": "2025-11-04T16:09:17.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-28902 (GCVE-0-2023-28902)
Vulnerability from cvelistv5
Published
2025-06-28 15:38
Modified
2025-06-30 19:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system.
The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Preh Car Connect GmbH (JOYNEXT GmbH) | Volkswagen MIB3 infotainment system MIB3 OI MQB |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28902",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T19:14:26.397551Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T19:20:28.406Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Volkswagen MIB3 infotainment system MIB3 OI MQB",
"vendor": "Preh Car Connect GmbH (JOYNEXT GmbH)",
"versions": [
{
"lessThanOrEqual": "0304",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Artem Ivachev from PCA Cyber Security (PCAutomotive)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system.\u003cbr\u003eThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.\u003cbr\u003e"
}
],
"value": "An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"impacts": [
{
"capecId": "CAPEC-92",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-92 Forced Integer Overflow"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-28T15:38:23.242Z",
"orgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"shortName": "ASRG"
},
"references": [
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf"
},
{
"tags": [
"technical-description"
],
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Denial of Service via integer underflow in picserver",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"assignerShortName": "ASRG",
"cveId": "CVE-2023-28902",
"datePublished": "2025-06-28T15:38:23.242Z",
"dateReserved": "2023-03-27T14:51:13.968Z",
"dateUpdated": "2025-06-30T19:20:28.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32653 (GCVE-0-2023-32653)
Vulnerability from cvelistv5
Published
2023-09-25 15:22
Modified
2025-11-04 19:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:16:25.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1802",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1802"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1802"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32653",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:54:47.255300Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:55:38.276Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageGear",
"vendor": "Accusoft",
"versions": [
{
"status": "affected",
"version": "20.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Emmanuel Tacheau of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-25T17:00:06.556Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1802",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1802"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-32653",
"datePublished": "2023-09-25T15:22:33.625Z",
"dateReserved": "2023-06-30T13:59:40.571Z",
"dateUpdated": "2025-11-04T19:16:25.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-33059 (GCVE-0-2023-33059)
Vulnerability from cvelistv5
Published
2023-11-07 05:26
Modified
2025-12-16 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
Memory corruption in Audio while processing the VOC packet data from ADSP.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Version: 315 5G IoT Modem Version: 9206 LTE Modem Version: APQ8017 Version: APQ8052 Version: APQ8056 Version: APQ8064AU Version: APQ8076 Version: AQT1000 Version: AR8031 Version: AR8035 Version: C-V2X 9150 Version: CSRA6620 Version: CSRA6640 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: Home Hub 100 Platform Version: MDM9230 Version: MDM9250 Version: MDM9330 Version: MDM9628 Version: MDM9630 Version: MDM9640 Version: MDM9650 Version: MSM8108 Version: MSM8209 Version: MSM8608 Version: MSM8909W Version: MSM8996AU Version: QAM8255P Version: QAM8295P Version: QAM8650P Version: QAM8775P Version: QCA6174 Version: QCA6174A Version: QCA6310 Version: QCA6320 Version: QCA6335 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6564 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584 Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCA9367 Version: QCA9377 Version: QCA9379 Version: QCC710 Version: QCM2290 Version: QCM4290 Version: QCM4325 Version: QCM6125 Version: QCM6490 Version: QCM8550 Version: QCN6224 Version: QCN6274 Version: QCN9011 Version: QCN9012 Version: QCN9074 Version: QCS2290 Version: QCS410 Version: QCS4290 Version: QCS610 Version: QCS6125 Version: QCS6490 Version: QCS7230 Version: QCS8250 Version: QCS8550 Version: QFW7114 Version: QFW7124 Version: QRB5165M Version: QRB5165N Version: QSM8250 Version: Qualcomm 205 Mobile Platform Version: Qualcomm 215 Mobile Platform Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC3 Platform Version: Qualcomm Video Collaboration VC5 Platform Version: Robotics RB3 Platform Version: Robotics RB5 Platform Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SD 675 Version: SD626 Version: SD660 Version: SD670 Version: SD675 Version: SD730 Version: SD820 Version: SD821 Version: SD835 Version: SD855 Version: SD865 5G Version: SD888 Version: SDM429W Version: SDX20M Version: SDX55 Version: SG4150P Version: SG8275P Version: SM4125 Version: SM6250 Version: SM7250P Version: SM7315 Version: SM7325P Version: SM8550P Version: Smart Audio 200 Platform Version: Smart Audio 400 Platform Version: Smart Display 200 Platform (APQ5053-AA) Version: Snapdragon 1200 Wearable Platform Version: Snapdragon 208 Processor Version: Snapdragon 210 Processor Version: Snapdragon 212 Mobile Platform Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 425 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 439 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 617 Processor Version: Snapdragon 625 Mobile Platform Version: Snapdragon 626 Mobile Platform Version: Snapdragon 630 Mobile Platform Version: Snapdragon 632 Mobile Platform Version: Snapdragon 636 Mobile Platform Version: Snapdragon 650 Mobile Platform Version: Snapdragon 652 Mobile Platform Version: Snapdragon 653 Mobile Platform Version: Snapdragon 660 Mobile Platform Version: Snapdragon 662 Mobile Platform Version: Snapdragon 665 Mobile Platform Version: Snapdragon 670 Mobile Platform Version: Snapdragon 675 Mobile Platform Version: Snapdragon 678 Mobile Platform (SM6150-AC) Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 690 5G Mobile Platform Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 710 Mobile Platform Version: Snapdragon 720G Mobile Platform Version: Snapdragon 730 Mobile Platform (SM7150-AA) Version: Snapdragon 730G Mobile Platform (SM7150-AB) Version: Snapdragon 732G Mobile Platform (SM7150-AC) Version: Snapdragon 750G 5G Mobile Platform Version: Snapdragon 765 5G Mobile Platform (SM7250-AA) Version: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Version: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Version: Snapdragon 778G 5G Mobile Platform Version: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Version: Snapdragon 780G 5G Mobile Platform Version: Snapdragon 782G Mobile Platform (SM7325-AF) Version: Snapdragon 7c+ Gen 3 Compute Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon 820 Automotive Platform Version: Snapdragon 820 Mobile Platform Version: Snapdragon 821 Mobile Platform Version: Snapdragon 835 Mobile PC Platform Version: Snapdragon 845 Mobile Platform Version: Snapdragon 855 Mobile Platform Version: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon Wear 2100 Platform Version: Snapdragon Wear 2500 Platform Version: Snapdragon Wear 3100 Platform Version: Snapdragon Wear 4100+ Platform Version: Snapdragon X12 LTE Modem Version: Snapdragon X20 LTE Modem Version: Snapdragon X24 LTE Modem Version: Snapdragon X5 LTE Modem Version: Snapdragon X50 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon Auto 4G Modem Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR2130 Version: Vision Intelligence 100 Platform (APQ8053-AA) Version: Vision Intelligence 200 Platform (APQ8053-AC) Version: Vision Intelligence 400 Platform Version: WCD9326 Version: WCD9330 Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9371 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3610 Version: WCN3615 Version: WCN3620 Version: WCN3660B Version: WCN3680 Version: WCN3680B Version: WCN3910 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WCN6740 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33059",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:40:44.037662Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T18:23:23.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Compute",
"Snapdragon Connectivity",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon Mobile",
"Snapdragon Voice \u0026 Music",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "315 5G IoT Modem"
},
{
"status": "affected",
"version": "9206 LTE Modem"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8052"
},
{
"status": "affected",
"version": "APQ8056"
},
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "APQ8076"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "AR8031"
},
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "C-V2X 9150"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "CSRB31024"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "Flight RB5 5G Platform"
},
{
"status": "affected",
"version": "Home Hub 100 Platform"
},
{
"status": "affected",
"version": "MDM9230"
},
{
"status": "affected",
"version": "MDM9250"
},
{
"status": "affected",
"version": "MDM9330"
},
{
"status": "affected",
"version": "MDM9628"
},
{
"status": "affected",
"version": "MDM9630"
},
{
"status": "affected",
"version": "MDM9640"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8108"
},
{
"status": "affected",
"version": "MSM8209"
},
{
"status": "affected",
"version": "MSM8608"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "QAM8255P"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QAM8650P"
},
{
"status": "affected",
"version": "QAM8775P"
},
{
"status": "affected",
"version": "QCA6174"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6310"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6335"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA6698AQ"
},
{
"status": "affected",
"version": "QCA6797AQ"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA9367"
},
{
"status": "affected",
"version": "QCA9377"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM4325"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCM8550"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCN9011"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCN9074"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "QCS6490"
},
{
"status": "affected",
"version": "QCS7230"
},
{
"status": "affected",
"version": "QCS8250"
},
{
"status": "affected",
"version": "QCS8550"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QRB5165M"
},
{
"status": "affected",
"version": "QRB5165N"
},
{
"status": "affected",
"version": "QSM8250"
},
{
"status": "affected",
"version": "Qualcomm 205 Mobile Platform"
},
{
"status": "affected",
"version": "Qualcomm 215 Mobile Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC1 Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC5 Platform"
},
{
"status": "affected",
"version": "Robotics RB3 Platform"
},
{
"status": "affected",
"version": "Robotics RB5 Platform"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8255P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD626"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD820"
},
{
"status": "affected",
"version": "SD821"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD888"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDX20M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SG4150P"
},
{
"status": "affected",
"version": "SG8275P"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7315"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SM8550P"
},
{
"status": "affected",
"version": "Smart Audio 200 Platform"
},
{
"status": "affected",
"version": "Smart Audio 400 Platform"
},
{
"status": "affected",
"version": "Smart Display 200 Platform (APQ5053-AA)"
},
{
"status": "affected",
"version": "Snapdragon 1200 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon 208 Processor"
},
{
"status": "affected",
"version": "Snapdragon 210 Processor"
},
{
"status": "affected",
"version": "Snapdragon 212 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 425 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 429 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 439 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)"
},
{
"status": "affected",
"version": "Snapdragon 617 Processor"
},
{
"status": "affected",
"version": "Snapdragon 625 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 626 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 630 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 632 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 636 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 650 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 652 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 653 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 660 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 665 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 670 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 675 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 678 Mobile Platform (SM6150-AC)"
},
{
"status": "affected",
"version": "Snapdragon 680 4G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
},
{
"status": "affected",
"version": "Snapdragon 690 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 695 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 710 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 720G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 730 Mobile Platform (SM7150-AA)"
},
{
"status": "affected",
"version": "Snapdragon 730G Mobile Platform (SM7150-AB)"
},
{
"status": "affected",
"version": "Snapdragon 732G Mobile Platform (SM7150-AC)"
},
{
"status": "affected",
"version": "Snapdragon 750G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)"
},
{
"status": "affected",
"version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)"
},
{
"status": "affected",
"version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)"
},
{
"status": "affected",
"version": "Snapdragon 778G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)"
},
{
"status": "affected",
"version": "Snapdragon 780G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 782G Mobile Platform (SM7325-AF)"
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8+ Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 820 Automotive Platform"
},
{
"status": "affected",
"version": "Snapdragon 820 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 821 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 835 Mobile PC Platform"
},
{
"status": "affected",
"version": "Snapdragon 845 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 855 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
},
{
"status": "affected",
"version": "Snapdragon 865 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
},
{
"status": "affected",
"version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
},
{
"status": "affected",
"version": "Snapdragon 888 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
},
{
"status": "affected",
"version": "Snapdragon Auto 5G Modem-RF"
},
{
"status": "affected",
"version": "Snapdragon W5+ Gen 1 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon Wear 2100 Platform"
},
{
"status": "affected",
"version": "Snapdragon Wear 2500 Platform"
},
{
"status": "affected",
"version": "Snapdragon Wear 3100 Platform"
},
{
"status": "affected",
"version": "Snapdragon Wear 4100+ Platform"
},
{
"status": "affected",
"version": "Snapdragon X12 LTE Modem"
},
{
"status": "affected",
"version": "Snapdragon X20 LTE Modem"
},
{
"status": "affected",
"version": "Snapdragon X24 LTE Modem"
},
{
"status": "affected",
"version": "Snapdragon X5 LTE Modem"
},
{
"status": "affected",
"version": "Snapdragon X50 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X55 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon XR1 Platform"
},
{
"status": "affected",
"version": "Snapdragon XR2 5G Platform"
},
{
"status": "affected",
"version": "Snapdragon XR2+ Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon Auto 4G Modem"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "SXR1120"
},
{
"status": "affected",
"version": "SXR2130"
},
{
"status": "affected",
"version": "Vision Intelligence 100 Platform (APQ8053-AA)"
},
{
"status": "affected",
"version": "Vision Intelligence 200 Platform (APQ8053-AC)"
},
{
"status": "affected",
"version": "Vision Intelligence 400 Platform"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9330"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9360"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9390"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in Audio while processing the VOC packet data from ADSP."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T16:19:42.133Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin"
}
],
"title": "Buffer Copy Without Checking Size of Input in Audio"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2023-33059",
"datePublished": "2023-11-07T05:26:54.139Z",
"dateReserved": "2023-05-17T09:28:53.126Z",
"dateUpdated": "2025-12-16T18:23:23.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-36794 (GCVE-0-2023-36794)
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2025-10-30 18:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
Visual Studio Remote Code Execution Vulnerability
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.57 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36794",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T15:55:22.038287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T15:55:32.545Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.9.57",
"status": "affected",
"version": "15.9.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.2.21",
"status": "affected",
"version": "17.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.11.30",
"status": "affected",
"version": "16.11.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.4",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.4.13",
"status": "affected",
"version": "17.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "PowerShell 7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": ".NET 6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.24",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": ".NET 7.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.6",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.6.9",
"status": "affected",
"version": "17.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.6.9",
"status": "affected",
"version": "17.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2016 (Server Core installation)",
"Windows Server 2016",
"Windows Server 2012 R2 (Server Core installation)",
"Windows Server 2012 (Server Core installation)",
"Windows 10 Version 1607 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012",
"Windows Server 2012 R2"
],
"product": "Microsoft .NET Framework 4.8",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.8.04667.02",
"status": "affected",
"version": "4.8.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows Server 2019 (Server Core installation)",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows Server 2019",
"Windows Server 2022",
"Windows Server 2022 (Server Core installation)"
],
"product": "Microsoft .NET Framework 3.5 AND 4.8",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.8.04667.02",
"status": "affected",
"version": "4.8.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows Server 2019 (Server Core installation)"
],
"product": "Microsoft .NET Framework 3.5 AND 4.7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.7.04063.05",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1607 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows Server 2016",
"Windows Server 2016 (Server Core installation)"
],
"product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6252",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012",
"Windows Server 2012 R2",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012 R2 (Server Core installation)"
],
"product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.7.04063.01",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2022",
"Windows Server 2022 (Server Core installation)",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 11 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 11 Version 22H2 for x64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems"
],
"product": "Microsoft .NET Framework 3.5 AND 4.8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.8.09186.01",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
"Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"product": "Microsoft .NET Framework 4.6.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.7.04063.01",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 for x64-based Systems",
"Windows 10 for 32-bit Systems"
],
"product": "Microsoft .NET Framework 3.5 and 4.6.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.20162",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"product": "Microsoft .NET Framework 3.0 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"product": "Microsoft .NET Framework 2.0 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2012",
"Windows Server 2012 R2",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012 R2 (Server Core installation)"
],
"product": "Microsoft .NET Framework 3.5",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
],
"product": "Microsoft .NET Framework 3.5.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.9.57",
"versionStartIncluding": "15.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.2.21",
"versionStartIncluding": "17.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.11.30",
"versionStartIncluding": "16.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.4.13",
"versionStartIncluding": "17.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.24",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6.9",
"versionStartIncluding": "17.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6.9",
"versionStartIncluding": "17.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.04667.02",
"versionStartIncluding": "4.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.04667.02",
"versionStartIncluding": "4.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.04063.05",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6252",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.04063.01",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.09186.01",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.04063.01",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20162",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "3.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "3.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-09-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Visual Studio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T18:18:08.911Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794"
}
],
"title": "Visual Studio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-36794",
"datePublished": "2023-09-12T16:58:39.719Z",
"dateReserved": "2023-06-27T15:11:59.873Z",
"dateUpdated": "2025-10-30T18:18:08.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-36796 (GCVE-0-2023-36796)
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2025-10-30 18:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
Visual Studio Remote Code Execution Vulnerability
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Visual Studio 2022 version 17.6 |
Version: 17.6.0 < 17.6.9 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-29T18:14:53.378773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:25:47.414Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.6",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.6.9",
"status": "affected",
"version": "17.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.7.6",
"status": "affected",
"version": "17.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.9.57",
"status": "affected",
"version": "15.9.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.2.21",
"status": "affected",
"version": "17.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.11.30",
"status": "affected",
"version": "16.11.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.4",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.4.13",
"status": "affected",
"version": "17.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2013 Update 5",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "12.0.40707.0",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2015 Update 3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.27559.0",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": ".NET 7.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": ".NET 6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.24",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "PowerShell 7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2022",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows Server 2022 (Server Core installation)",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 11 version 21H2 for x64-based Systems",
"Windows Server 2019",
"Windows Server 2019 (Server Core installation)",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems"
],
"product": "Microsoft .NET Framework 3.5 AND 4.8",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.8.04667.03",
"status": "affected",
"version": "4.8.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016 (Server Core installation)",
"Windows Server 2012",
"Windows Server 2012 R2 (Server Core installation)",
"Windows Server 2016",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012 R2",
"Windows Server 2012 (Server Core installation)"
],
"product": "Microsoft .NET Framework 4.8",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.8.04667.02",
"status": "affected",
"version": "4.8.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows Server 2019",
"Windows Server 2019 (Server Core installation)"
],
"product": "Microsoft .NET Framework 3.5 AND 4.7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.7.04063.05",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1607 for 32-bit Systems",
"Windows Server 2016 (Server Core installation)",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6252",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012",
"Windows Server 2012 R2",
"Windows Server 2012 R2 (Server Core installation)"
],
"product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.7.04063.01",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2022 (Server Core installation)",
"Windows Server 2022",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 11 Version 22H2 for x64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 11 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems"
],
"product": "Microsoft .NET Framework 3.5 AND 4.8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.8.09186.01",
"status": "affected",
"version": "4.8.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
"Windows Server 2008 for x64-based Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
],
"product": "Microsoft .NET Framework 4.6.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.7.04063.01",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 for x64-based Systems",
"Windows 10 for 32-bit Systems"
],
"product": "Microsoft .NET Framework 3.5 and 4.6.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.20162",
"status": "affected",
"version": "4.7.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"product": "Microsoft .NET Framework 2.0 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"product": "Microsoft .NET Framework 3.0 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2012",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012 R2",
"Windows Server 2012 R2 (Server Core installation)"
],
"product": "Microsoft .NET Framework 3.5",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1"
],
"product": "Microsoft .NET Framework 3.5.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.0.30729.8957",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6.9",
"versionStartIncluding": "17.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.6",
"versionStartIncluding": "17.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.9.57",
"versionStartIncluding": "15.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.2.21",
"versionStartIncluding": "17.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.11.30",
"versionStartIncluding": "16.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.4.13",
"versionStartIncluding": "17.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*",
"versionEndExcluding": "12.0.40707.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*",
"versionEndExcluding": "14.0.27559.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.24",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.04667.03",
"versionStartIncluding": "4.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.04667.02",
"versionStartIncluding": "4.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.04063.05",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6252",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.04063.01",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.09186.01",
"versionStartIncluding": "4.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.04063.01",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20162",
"versionStartIncluding": "4.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "3.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.30729.8957",
"versionStartIncluding": "3.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-09-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Visual Studio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T18:18:08.271Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796"
}
],
"title": "Visual Studio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-36796",
"datePublished": "2023-09-12T16:58:39.186Z",
"dateReserved": "2023-06-27T15:11:59.873Z",
"dateUpdated": "2025-10-30T18:18:08.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-38162 (GCVE-0-2023-38162)
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2025-10-30 18:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
DHCP Server Service Denial of Service Vulnerability
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Windows Server 2019 |
Version: 10.0.17763.0 < 10.0.17763.4851 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-25T13:35:11.049054Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-25T13:35:49.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DHCP Server Service Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38162"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.4851",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.4851",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1970",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6252",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6252",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24462",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24462",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.21563",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.21563",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4851",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4851",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1970",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6252",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6252",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24462",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24462",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.21563",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.21563",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-09-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "DHCP Server Service Denial of Service Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T18:17:41.544Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "DHCP Server Service Denial of Service Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38162"
}
],
"title": "DHCP Server Service Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-38162",
"datePublished": "2023-09-12T16:58:17.503Z",
"dateReserved": "2023-07-12T23:41:45.862Z",
"dateUpdated": "2025-10-30T18:17:41.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-39350 (GCVE-0-2023-39350)
Vulnerability from cvelistv5
Published
2023-08-31 19:31
Modified
2025-11-03 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. This issue affects Clients only. Integer underflow leading to DOS (e.g. abort due to `WINPR_ASSERT` with default compilation flags). When an insufficient blockLen is provided, and proper length validation is not performed, an Integer Underflow occurs, leading to a Denial of Service (DOS) vulnerability. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:35:39.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrrv-3w42-pffh",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrrv-3w42-pffh"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/commit/e204fc8be5a372626b13f66daf2abafe71dbc2dc",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FreeRDP/FreeRDP/commit/e204fc8be5a372626b13f66daf2abafe71dbc2dc"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A6LLDAPEXRDJOM3PREDDD267SSNT77DP/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHMTGKCZXJPQOR5ZD2I4GPDNP2DKRXMF/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-16"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00016.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FreeRDP",
"vendor": "FreeRDP",
"versions": [
{
"status": "affected",
"version": "\u003c 2.11.0"
},
{
"status": "affected",
"version": "\u003e= 3.0.0-beta1, \u003c 3.0.0-beta3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. This issue affects Clients only. Integer underflow leading to DOS (e.g. abort due to `WINPR_ASSERT` with default compilation flags). When an insufficient blockLen is provided, and proper length validation is not performed, an Integer Underflow occurs, leading to a Denial of Service (DOS) vulnerability. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-12T13:06:50.498Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrrv-3w42-pffh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrrv-3w42-pffh"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/commit/e204fc8be5a372626b13f66daf2abafe71dbc2dc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FreeRDP/FreeRDP/commit/e204fc8be5a372626b13f66daf2abafe71dbc2dc"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A6LLDAPEXRDJOM3PREDDD267SSNT77DP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHMTGKCZXJPQOR5ZD2I4GPDNP2DKRXMF/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-16"
}
],
"source": {
"advisory": "GHSA-rrrv-3w42-pffh",
"discovery": "UNKNOWN"
},
"title": "Incorrect offset calculation leading to denial of service in FreeRDP"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39350",
"datePublished": "2023-08-31T19:31:13.392Z",
"dateReserved": "2023-07-28T13:26:46.477Z",
"dateUpdated": "2025-11-03T20:35:39.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-39413 (GCVE-0-2023-39413)
Vulnerability from cvelistv5
Published
2024-01-08 14:47
Modified
2025-11-04 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:16:29.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1824"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39413",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-08T18:59:55.406663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:39:12.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "GTKWave",
"vendor": "GTKWave",
"versions": [
{
"status": "affected",
"version": "3.3.115"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Claudio Bozzato of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T21:08:09.843Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-39413",
"datePublished": "2024-01-08T14:47:40.975Z",
"dateReserved": "2023-07-31T20:09:53.192Z",
"dateUpdated": "2025-11-04T18:16:29.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-39414 (GCVE-0-2023-39414)
Vulnerability from cvelistv5
Published
2024-01-08 14:47
Modified
2025-11-04 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:16:31.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1824"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39414",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-08T18:59:52.615271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:39:12.510Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "GTKWave",
"vendor": "GTKWave",
"versions": [
{
"status": "affected",
"version": "3.3.115"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Claudio Bozzato of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T21:07:53.948Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-39414",
"datePublished": "2024-01-08T14:47:41.077Z",
"dateReserved": "2023-07-31T20:09:53.192Z",
"dateUpdated": "2025-11-04T18:16:31.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.