CVE-2023-28185

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to cause a denial-of-service.

Related Vulnerabilities

CVE-2011-4097

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termin...

CWE-1902011

CVE-2012-0038

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, l...

CWE-1902012

CVE-2015-1526

MEDIUM
CVSS:5.5(Medium)

The media_server component in Android allows remote attackers to cause a denial of service via a crafted application.

CWE-1902015

CVE-2015-4645

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which tri...

CWE-1902015

CVE-2015-8933

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted...

CWE-1902015

CVE-2016-3712

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

CWE-1902016