CVE-2022-20073

MEDIUM Year: 2022
CVSS v3 Score
6.6
Medium
CVSS v2 Score
4.4
Medium
Weakness Type
CWE-191
View all →

Vulnerability Description

In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.

Related Vulnerabilities

CVE-2017-14997

MEDIUM
CVSS:6.5(Medium)

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.

CWE-1912017

CVE-2018-4011

MEDIUM
CVSS:6.5(Medium)

An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorr...

CWE-1912018

CVE-2021-24894

MEDIUM
CVSS:6.5(Medium)

The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated use...

CWE-1912021

CVE-2021-25121

MEDIUM
CVSS:6.5(Medium)

The Rating by BestWebSoft WordPress plugin before 1.6 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such ...

CWE-1912021

CVE-2021-41821

MEDIUM
CVSS:6.5(Medium)

Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the man...

CWE-1912021

CVE-2022-21685

MEDIUM
CVSS:6.5(Medium)

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number `8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664`, a bug in Frontier's MODEXP precompile implementation can cause an integer under...

CWE-1912022