Total
2871 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40475 | 1 Gstreamer Project | 1 Gstreamer | 2025-11-04 | N/A | 8.8 HIGH |
| GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-21661. | |||||
| CVE-2023-40474 | 1 Gstreamer Project | 1 Gstreamer | 2025-11-04 | N/A | 8.8 HIGH |
| GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-21660. | |||||
| CVE-2023-38127 | 1 Justsystems | 19 Easy Postcard Max, Ichitaro 2021, Ichitaro 2022 and 16 more | 2025-11-04 | N/A | 7.8 HIGH |
| An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause the parser to make an under-sized allocation, which can later allow for memory corruption, potentially resulting in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-26817 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-04 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow. | |||||
| CVE-2024-23851 | 1 Linux | 1 Linux Kernel | 2025-11-04 | N/A | 5.5 MEDIUM |
| copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl. | |||||
| CVE-2024-23775 | 1 Arm | 1 Mbed Tls | 2025-11-04 | N/A | 7.5 HIGH |
| Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension(). | |||||
| CVE-2024-23605 | 1 Ggerganov | 1 Llama.cpp | 2025-11-04 | N/A | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-23496 | 1 Ggerganov | 1 Llama.cpp | 2025-11-04 | N/A | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the GGUF library gguf_fread_str functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-21836 | 1 Ggerganov | 1 Llama.cpp | 2025-11-04 | N/A | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-21825 | 1 Ggerganov | 1 Llama.cpp | 2025-11-04 | N/A | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-21812 | 2 Fedoraproject, Libbiosig Project | 2 Fedora, Libbiosig | 2025-11-04 | N/A | 9.8 CRITICAL |
| An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-39317 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_lens` array. | |||||
| CVE-2023-39316 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_pointers` array. | |||||
| CVE-2023-39275 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `value` array. | |||||
| CVE-2023-39274 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array. | |||||
| CVE-2023-39273 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array. | |||||
| CVE-2023-39272 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array. | |||||
| CVE-2023-39271 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array. | |||||
| CVE-2023-39270 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array. | |||||
| CVE-2023-38653 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.0 HIGH |
| Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. | |||||