Total
2976 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34399 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | N/A | 9.8 CRITICAL |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow. | |||||
| CVE-2023-34406 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | N/A | 3.3 LOW |
| An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | |||||
| CVE-2025-6603 | 2025-06-26 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability was found in coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e. It has been rated as problematic. Affected by this issue is the function qcow_make_empty of the file qCUDA/qcu-device/block/qcow.c. The manipulation of the argument s->l1_size leads to integer overflow. The attack needs to be approached locally. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. | |||||
| CVE-2023-36328 | 2 Fedoraproject, Libtom | 2 Fedora, Libtommath | 2025-06-26 | N/A | 9.8 CRITICAL |
| Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). | |||||
| CVE-2010-1233 | 1 Google | 1 Chrome | 2025-06-25 | 10.0 HIGH | N/A |
| Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects. | |||||
| CVE-2022-20685 | 1 Cisco | 3 Cyber Vision, Firepower Threat Defense, Unified Threat Defense Snort Intrusion Prevention System Engine | 2025-06-24 | N/A | 7.5 HIGH |
| A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | |||||
| CVE-2025-52935 | 2025-06-23 | N/A | N/A | ||
| Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly (src/redis/lua/struct modules). This vulnerability is associated with program files lua_struct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18. | |||||
| CVE-2024-23337 | 1 Jqlang | 1 Jq | 2025-06-20 | N/A | 4.3 MEDIUM |
| jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue. | |||||
| CVE-2023-32881 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-18 | N/A | 4.4 MEDIUM |
| In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080. | |||||
| CVE-2023-47992 | 1 Freeimage Project | 1 Freeimage | 2025-06-17 | N/A | 8.8 HIGH |
| An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code. | |||||
| CVE-2025-5001 | 1 Gnu | 1 Pspp | 2025-06-17 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-15873 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-06-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | |||||
| CVE-2013-7354 | 1 Libpng | 1 Libpng | 2025-06-09 | 5.0 MEDIUM | 6.5 MEDIUM |
| Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | |||||
| CVE-2013-7353 | 1 Libpng | 1 Libpng | 2025-06-09 | 5.0 MEDIUM | 6.5 MEDIUM |
| Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | |||||
| CVE-2011-3045 | 6 Debian, Fedoraproject, Google and 3 more | 13 Debian Linux, Fedora, Chrome and 10 more | 2025-06-09 | 6.8 MEDIUM | 8.8 HIGH |
| Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | |||||
| CVE-2021-38185 | 1 Gnu | 1 Cpio | 2025-06-09 | 6.8 MEDIUM | 7.8 HIGH |
| GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | |||||
| CVE-2025-47294 | 1 Fortinet | 1 Fortios | 2025-06-04 | N/A | 5.3 MEDIUM |
| A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request. | |||||
| CVE-2024-36617 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 6.2 MEDIUM |
| FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder. | |||||
| CVE-2024-35369 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 5.5 MEDIUM |
| In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in undefined behavior or crashes during the decoding process. | |||||
| CVE-2024-36619 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 5.3 MEDIUM |
| FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service (DoS) condition. | |||||