Total
3086 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45779 | 1 Gnu | 1 Grub2 | 2025-03-25 | N/A | 6.0 MEDIUM |
| An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash. | |||||
| CVE-2024-57492 | 1 Redox-os | 1 Redox | 2025-03-24 | N/A | 5.5 MEDIUM |
| An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the round_up_to_page funciton. | |||||
| CVE-2023-4295 | 1 Arm | 2 Mali Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-03-24 | N/A | 7.8 HIGH |
| A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | |||||
| CVE-2021-4206 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2025-03-21 | 4.6 MEDIUM | 8.2 HIGH |
| A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | |||||
| CVE-2023-51714 | 2 Debian, Qt | 2 Debian Linux, Qt | 2025-03-20 | N/A | 9.8 CRITICAL |
| An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. | |||||
| CVE-2023-23462 | 1 Libpeconv Project | 1 Libpeconv | 2025-03-19 | N/A | 9.8 CRITICAL |
| Libpeconv – integer overflow, before commit 75b1565 (30/11/2022). | |||||
| CVE-2023-20662 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | N/A | 6.7 MEDIUM |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765. | |||||
| CVE-2023-20661 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | N/A | 6.7 MEDIUM |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782. | |||||
| CVE-2023-20660 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | N/A | 4.4 MEDIUM |
| In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383. | |||||
| CVE-2024-26668 | 1 Linux | 1 Linux Kernel | 2025-03-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its better to reject this rather than having incorrect ratelimit. | |||||
| CVE-2023-49441 | 1 Thekelleys | 1 Dnsmasq | 2025-03-14 | N/A | 7.5 HIGH |
| dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. | |||||
| CVE-2025-0587 | 1 Openatom | 1 Openharmony | 2025-03-11 | N/A | 3.8 LOW |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | |||||
| CVE-2024-53025 | 1 Qualcomm | 36 Fastconnect 7800, Fastconnect 7800 Firmware, Sm8750 and 33 more | 2025-03-06 | N/A | 5.5 MEDIUM |
| Transient DOS can occur while processing UCI command. | |||||
| CVE-2022-43974 | 1 Matrixssl | 1 Matrixssl | 2025-03-06 | N/A | 8.1 HIGH |
| MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0. | |||||
| CVE-2021-30022 | 1 Gpac | 1 Gpac | 2025-03-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash. | |||||
| CVE-2021-30014 | 1 Gpac | 1 Gpac | 2025-03-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash. | |||||
| CVE-2025-20024 | 1 Openatom | 1 Openharmony | 2025-03-04 | N/A | 3.8 LOW |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | |||||
| CVE-2022-20532 | 1 Google | 1 Android | 2025-02-28 | N/A | 9.8 CRITICAL |
| In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232242894 | |||||
| CVE-2021-47109 | 1 Linux | 1 Linux Kernel | 2025-02-27 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUD_NOARP entries to be forced GCed IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to fill up the neighbour table with enough entries that it will overflow for valid connections after that. This behaviour is more prevalent after commit 58956317c8de ("neighbor: Improve garbage collection") is applied, as it prevents removal from entries that are not NUD_FAILED, unless they are more than 5s old. | |||||
| CVE-2025-21369 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-02-26 | N/A | 8.8 HIGH |
| Microsoft Digest Authentication Remote Code Execution Vulnerability | |||||