Vulnerabilities (CVE)

Filtered by CWE-190
Total 3178 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-26668 1 Linux 1 Linux Kernel 2026-06-17 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its better to reject this rather than having incorrect ratelimit.
CVE-2024-26184 1 Microsoft 7 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 4 more 2026-06-17 N/A 6.8 MEDIUM
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26171 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2026-06-17 N/A 6.7 MEDIUM
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-25366 1 Mz-automation 1 Libiec61850 2026-06-17 N/A 6.2 MEDIUM
Buffer Overflow vulnerability in mz-automation.de libiec61859 v.1.4.0 allows a remote attacker to cause a denial of service via the mmsServer_handleGetNameListRequest function to the mms_getnamelist_service component.
CVE-2024-24857 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-06-17 N/A 4.6 MEDIUM
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.
CVE-2024-23851 1 Linux 1 Linux Kernel 2026-06-17 N/A 5.5 MEDIUM
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.
CVE-2024-23775 2 Arm, Trustedfirmware 2 Mbed Tls, Mbed Tls 2026-06-17 N/A 7.5 HIGH
Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().
CVE-2024-23695 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In CacheOpPMRExec of cache_km.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-23605 1 Ggml 1 Llama.cpp 2026-06-17 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-23531 1 Ivanti 1 Avalanche 2026-06-17 N/A 7.5 HIGH
An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to perform denial of service attacks. In certain rare conditions this could also lead to reading content from memory.
CVE-2024-23496 1 Ggml 1 Llama.cpp 2026-06-17 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the GGUF library gguf_fread_str functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-23372 1 Qualcomm 222 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 219 more 2026-06-17 N/A 8.4 HIGH
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.
CVE-2024-23337 1 Jqlang 1 Jq 2026-06-17 N/A 4.3 MEDIUM
jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue.
CVE-2024-23307 1 Linux 1 Linux Kernel 2026-06-17 N/A 4.4 MEDIUM
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.
CVE-2024-22862 1 Ffmpeg 1 Ffmpeg 2026-06-17 N/A 9.8 CRITICAL
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.
CVE-2024-22861 1 Ffmpeg 1 Ffmpeg 2026-06-17 N/A 7.5 HIGH
Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.
CVE-2024-22860 1 Ffmpeg 1 Ffmpeg 2026-06-17 N/A 9.8 CRITICAL
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
CVE-2024-22396 2026-06-17 N/A 5.3 MEDIUM
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.
CVE-2024-22211 1 Freerdp 1 Freerdp 2026-06-17 N/A 3.7 LOW
FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability.
CVE-2024-22051 2 Github, Gjtorikian 2 Cmark-gfm, Commonmarker 2026-06-17 N/A 9.8 CRITICAL
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns.