Total
2652 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10249 | 1 Jasper Project | 1 Jasper | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow. | |||||
| CVE-2017-5853 | 1 Podofo Project | 1 Podofo | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||||
| CVE-2016-6872 | 1 Facebook | 1 Hhvm | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2017-7294 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device. | |||||
| CVE-2016-10141 | 1 Artifex | 1 Mujs | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition. | |||||
| CVE-2017-12863 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | |||||
| CVE-2017-0597 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34749571. | |||||
| CVE-2017-9281 | 1 Microfocus | 1 Visibroker | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. | |||||
| CVE-2017-14636 | 1 Sam2p Project | 1 Sam2p | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also causes memory corruption because of an attempted write to the invalid d[0xfffffffe] array element. | |||||
| CVE-2017-16828 | 1 Gnu | 1 Binutils | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. | |||||
| CVE-2015-9062 | 1 Google | 1 Android | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file. | |||||
| CVE-2017-0611 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35393841. References: QC-CR#1084210. | |||||
| CVE-2017-5628 | 1 Artifex | 1 Mujs | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file. | |||||
| CVE-2016-9085 | 2 Fedoraproject, Webmproject | 2 Fedora, Libwebp | 2025-04-20 | 2.1 LOW | 3.3 LOW |
| Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2015-8995 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2017-5340 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. | |||||
| CVE-2015-8895 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow. | |||||
| CVE-2016-6252 | 1 Shadow Project | 1 Shadow | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. | |||||
| CVE-2017-16797 | 1 Swftools | 1 Swftools | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file. | |||||
| CVE-2016-5871 | 1 Google | 1 Android | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file. | |||||