Total
1229 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-7183 | 1 Mozilla | 3 Firefox, Firefox Esr, Network Security Services | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | |||||
CVE-2016-2070 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic. | |||||
CVE-2015-7674 | 3 Canonical, Gnome, Opensuse | 3 Ubuntu Linux, Gdk-pixbuf, Opensuse | 2023-12-10 | 6.8 MEDIUM | N/A |
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow. | |||||
CVE-2015-3228 | 1 Artifex | 1 Afpl Ghostscript | 2023-12-10 | 6.8 MEDIUM | N/A |
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write. | |||||
CVE-2015-8651 | 5 Adobe, Apple, Google and 2 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2015-4001 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 9.0 HIGH | N/A |
Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet. | |||||
CVE-2015-3863 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | N/A |
Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and read arbitrary Keystore keys via an application that uses a crafted blob in an insert operation, aka internal bug 22802399. | |||||
CVE-2015-7212 | 3 Fedoraproject, Mozilla, Opensuse | 5 Fedora, Firefox, Firefox Esr and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation. | |||||
CVE-2015-8571 | 1 Autodesk | 1 Design Review | 2023-12-10 | 6.8 MEDIUM | N/A |
Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow. | |||||
CVE-2015-3104 | 5 Adobe, Apple, Google and 2 more | 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more | 2023-12-10 | 10.0 HIGH | N/A |
Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2015-8041 | 2 Opensuse, W1.fi | 3 Opensuse, Hostapd, Wpa Supplicant | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read. | |||||
CVE-2015-2470 | 1 Microsoft | 3 Office, Word, Word Viewer | 2023-12-10 | 9.3 HIGH | N/A |
Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underflow Vulnerability." | |||||
CVE-2016-2538 | 1 Qemu | 1 Qemu | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function. | |||||
CVE-2015-8396 | 1 Grassroots Dicom Project | 1 Grassroots Dicom | 2023-12-10 | 10.0 HIGH | 10.0 CRITICAL |
Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow. | |||||
CVE-2015-8096 | 1 Google | 1 Picasa | 2023-12-10 | 10.0 HIGH | N/A |
Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow. | |||||
CVE-2015-3768 | 1 Apple | 2 Iphone Os, Mac Os X | 2023-12-10 | 9.3 HIGH | N/A |
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls. | |||||
CVE-2015-8077 | 2 Cyrus, Opensuse | 3 Imap, Leap, Opensuse | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076. | |||||
CVE-2015-4468 | 1 Libmspack Project | 1 Libmspack | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file. | |||||
CVE-2015-3223 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets. | |||||
CVE-2015-5309 | 2 Opensuse, Simon Tatham | 3 Leap, Opensuse, Putty | 2023-12-10 | 4.3 MEDIUM | N/A |
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow. |