Total
3231 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-36618 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 6.2 MEDIUM |
| FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition. | |||||
| CVE-2024-36617 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 6.2 MEDIUM |
| FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder. | |||||
| CVE-2024-36616 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 6.5 MEDIUM |
| An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file. | |||||
| CVE-2024-36613 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 6.2 MEDIUM |
| FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior. | |||||
| CVE-2024-36474 | 1 Gnome | 1 Libgsf | 2026-06-17 | N/A | 8.4 HIGH |
| An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-36337 | 2026-06-17 | N/A | 7.9 HIGH | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. | |||||
| CVE-2024-36336 | 2026-06-17 | N/A | 7.9 HIGH | ||
| Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. | |||||
| CVE-2024-36328 | 2026-06-17 | N/A | 7.3 HIGH | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. | |||||
| CVE-2024-36320 | 2026-06-17 | N/A | N/A | ||
| Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability | |||||
| CVE-2024-36316 | 2026-06-17 | N/A | 5.5 MEDIUM | ||
| The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service | |||||
| CVE-2024-36121 | 1 Netty | 1 Netty-incubator-codec-ohttp | 2026-06-17 | N/A | 5.9 MEDIUM |
| netty-incubator-codec-ohttp is the OHTTP implementation for netty. BoringSSLAEADContext keeps track of how many OHTTP responses have been sent and uses this sequence number to calculate the appropriate nonce to use with the encryption algorithm. Unfortunately, two separate errors combine which would allow an attacker to cause the sequence number to overflow and thus the nonce to repeat. | |||||
| CVE-2024-35905 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-06-17 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int representation. This should not actually happen, as there are other protections along the way, but we should protect against it anyway. One code path was missing such protections (fixed in the previous patch in the series), causing out-of-bounds array accesses in check_stack_range_initialized(). This patch causes the verification of a program with such a non-sensical access size to fail. This check used to exist in a more indirect way, but was inadvertendly removed in a833a17aeac7. | |||||
| CVE-2024-35827 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() The "controllen" variable is type size_t (unsigned long). Casting it to int could lead to an integer underflow. The check_add_overflow() function considers the type of the destination which is type int. If we add two positive values and the result cannot fit in an integer then that's counted as an overflow. However, if we cast "controllen" to an int and it turns negative, then negative values *can* fit into an int type so there is no overflow. Good: 100 + (unsigned long)-4 = 96 <-- overflow Bad: 100 + (int)-4 = 96 <-- no overflow I deleted the cast of the sizeof() as well. That's not a bug but the cast is unnecessary. | |||||
| CVE-2024-35369 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 5.5 MEDIUM |
| In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in undefined behavior or crashes during the decoding process. | |||||
| CVE-2024-35366 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 9.1 CRITICAL |
| FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. | |||||
| CVE-2024-34740 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-34733 | 1 Google | 1 Android | 2026-06-17 | N/A | 8.4 HIGH |
| In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-34663 | 1 Google | 1 Android | 2026-06-17 | N/A | 5.3 MEDIUM |
| Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2024-34403 | 2 Fedoraproject, Uriparser Project | 2 Fedora, Uriparser | 2026-06-17 | N/A | 5.9 MEDIUM |
| An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string. | |||||
| CVE-2024-34402 | 2 Fedoraproject, Uriparser Project | 2 Fedora, Uriparser | 2026-06-17 | N/A | 8.6 HIGH |
| An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow. | |||||
