CVE-2023-36495

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-190
View all →

Vulnerability Description

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

Related Vulnerabilities

CVE-2002-0391

CRITICAL
CVSS:9.8(Critical)

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by...

CWE-1902002

CVE-2002-0639

CRITICAL
CVSS:9.8(Critical)

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using...

CWE-1902002

CVE-2005-0102

CRITICAL
CVSS:9.8(Critical)

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte ...

CWE-1902005

CVE-2005-1141

CRITICAL
CVSS:9.8(Critical)

Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi...

CWE-1902005

CVE-2005-1513

CRITICAL
CVSS:9.8(Critical)

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly ...

CWE-1902005

CVE-2009-0947

CRITICAL
CVSS:9.8(Critical)

Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.

CWE-1902009