Vulnerabilities (CVE)

Filtered by CWE-190
Total 2665 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1679 1 Python 1 Python 2025-04-09 6.8 MEDIUM N/A
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.
CVE-2007-6353 3 Canonical, Debian, Exiv2 3 Ubuntu Linux, Debian Linux, Exiv2 2025-04-09 7.5 HIGH N/A
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
CVE-2008-3144 1 Python 1 Python 2025-04-09 5.0 MEDIUM N/A
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error.
CVE-2007-1383 1 Php 1 Php 2025-04-09 10.0 HIGH 9.8 CRITICAL
Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286.
CVE-2008-1374 1 Apple 1 Cups 2025-04-09 6.8 MEDIUM N/A
Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.
CVE-2007-2223 1 Microsoft 11 Expression Web, Office, Office Compatibility Pack and 8 more 2025-04-09 9.3 HIGH N/A
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
CVE-2008-2826 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2025-04-09 4.9 MEDIUM N/A
Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.
CVE-2007-2834 4 Apache, Canonical, Debian and 1 more 5 Openoffice, Ubuntu Linux, Debian Linux and 2 more 2025-04-09 9.3 HIGH N/A
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
CVE-2007-4965 1 Python 1 Python 2025-04-09 5.8 MEDIUM N/A
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows.
CVE-2007-3387 6 Apple, Canonical, Debian and 3 more 6 Cups, Ubuntu Linux, Debian Linux and 3 more 2025-04-09 6.8 MEDIUM N/A
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
CVE-2009-0946 6 Apple, Canonical, Debian and 3 more 9 Iphone Os, Mac Os X, Mac Os X Server and 6 more 2025-04-09 7.5 HIGH N/A
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
CVE-2008-4864 1 Python 1 Python 2025-04-09 7.5 HIGH N/A
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
CVE-2009-3909 1 Gimp 1 Gimp 2025-04-09 9.3 HIGH N/A
Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.
CVE-2009-1570 1 Gimp 1 Gimp 2025-04-09 9.3 HIGH N/A
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.
CVE-2008-1083 1 Microsoft 5 Windows 2000, Windows 2003 Server, Windows Server 2008 and 2 more 2025-04-09 9.3 HIGH 8.1 HIGH
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability."
CVE-2007-2949 2 Canonical, Gimp 2 Ubuntu Linux, Gimp 2025-04-09 6.8 MEDIUM N/A
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
CVE-2008-2315 1 Python 1 Python 2025-04-09 7.5 HIGH N/A
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.
CVE-2007-0221 1 Microsoft 1 Exchange Server 2025-04-09 7.8 HIGH N/A
Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."
CVE-2025-3408 2025-04-08 7.5 HIGH 6.3 MEDIUM
A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-38142 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-08 N/A 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability