Total
2685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-52059 | 2025-07-31 | N/A | N/A | ||
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.17. | |||||
| CVE-2021-30663 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-07-30 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2025-0838 | 2 Abseil, Debian | 2 Common Libraries, Debian Linux | 2025-07-30 | N/A | 9.8 CRITICAL |
| There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1 | |||||
| CVE-2025-47712 | 2025-07-29 | N/A | 4.3 MEDIUM | ||
| A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service. | |||||
| CVE-2025-52520 | 1 Apache | 1 Tomcat | 2025-07-29 | N/A | 7.5 HIGH |
| For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | |||||
| CVE-2025-5449 | 2025-07-29 | N/A | 4.3 MEDIUM | ||
| A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service. | |||||
| CVE-2023-53156 | 2025-07-29 | N/A | 4.5 MEDIUM | ||
| The transpose crate before 0.2.3 for Rust allows an integer overflow via input_width and input_height arguments. | |||||
| CVE-2024-58263 | 2025-07-29 | N/A | 3.7 LOW | ||
| The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations. | |||||
| CVE-2025-7458 | 2025-07-29 | N/A | N/A | ||
| An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause. | |||||
| CVE-2014-9192 | 1 Trihedral | 1 Vtscada | 2025-07-25 | 7.8 HIGH | N/A |
| Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation. | |||||
| CVE-2025-48964 | 2025-07-25 | N/A | 6.5 MEDIUM | ||
| ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero). | |||||
| CVE-2025-47268 | 1 Iputils Project | 1 Iputils | 2025-07-23 | N/A | 6.5 MEDIUM |
| ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. | |||||
| CVE-2024-5197 | 2 Debian, Webmproject | 2 Debian Linux, Libvpx | 2025-07-22 | N/A | 9.1 CRITICAL |
| There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. We recommend upgrading to version 1.14.1 or beyond | |||||
| CVE-2025-49742 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-17 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally. | |||||
| CVE-2024-34663 | 1 Google | 1 Android | 2025-07-17 | N/A | 5.3 MEDIUM |
| Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-49689 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-49683 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-22471 | 1 Dell | 1 Powerscale Onefs | 2025-07-15 | N/A | 6.5 MEDIUM |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2025-48816 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-48002 | 1 Microsoft | 2 Windows 11 24h2, Windows Server 2025 | 2025-07-15 | N/A | 5.7 MEDIUM |
| Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network. | |||||