Total
2624 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0553 | 1 Google | 1 Android | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library. | |||||
| CVE-2016-10346 | 1 Google | 1 Android | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. | |||||
| CVE-2016-4352 | 1 Libavformat Project | 1 Libavformat | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file. | |||||
| CVE-2017-3011 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-14630 | 1 Sam2p Project | 1 Sam2p | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation. | |||||
| CVE-2017-8250 | 1 Google | 1 Android | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. An integer overflow to buffer overflow (with a smaller buffer allocated) may occur when they are too large or negative. | |||||
| CVE-2017-9199 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19. | |||||
| CVE-2017-0729 | 1 Google | 1 Android | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37710346. | |||||
| CVE-2017-2782 | 1 Matrixssl | 1 Matrixssl | 2025-04-20 | 6.4 MEDIUM | 6.5 MEDIUM |
| An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection | |||||
| CVE-2016-8438 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638. | |||||
| CVE-2017-6355 | 1 Freedesktop | 1 Virglrenderer | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access. | |||||
| CVE-2017-2813 | 1 Irfanview | 1 Irfanview | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView. | |||||
| CVE-2017-7602 | 1 Libtiff | 1 Libtiff | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
| CVE-2014-9935 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2017-0576 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33544431. References: QC-CR#1103089. | |||||
| CVE-2016-9558 | 1 Libdwarf Project | 1 Libdwarf | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| (1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow." | |||||
| CVE-2017-0104 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2025-04-20 | 9.3 HIGH | 8.1 HIGH |
| The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerability." | |||||
| CVE-2017-6889 | 1 Libraw | 1 Libraw-demosaic-pack-gpl2 | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow. | |||||
| CVE-2015-1527 | 1 Google | 1 Android | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. | |||||
| CVE-2017-5898 | 2 Qemu, Suse | 5 Qemu, Linux Enterprise Desktop, Linux Enterprise Server and 2 more | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit. | |||||