Vulnerabilities (CVE)

Filtered by CWE-190
Total 1653 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40346 2 Debian, Haproxy 2 Debian Linux, Haproxy 2021-09-17 5.0 MEDIUM 7.5 HIGH
An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.
CVE-2021-30663 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2021-09-16 6.8 MEDIUM 8.8 HIGH
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30760 1 Apple 6 Ipad Os, Iphone Os, Mac Os X and 3 more 2021-09-16 6.8 MEDIUM 7.8 HIGH
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2020-11038 2 Freerdp, Opensuse 2 Freerdp, Leap 2021-09-14 5.5 MEDIUM 5.4 MEDIUM
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server can manipulate the client to write data out of bound to the previously allocated buffer. This has been patched in 2.1.0.
CVE-2021-32027 2 Postgresql, Redhat 4 Postgresql, Enterprise Linux, Jboss Enterprise Application Platform and 1 more 2021-09-14 6.5 MEDIUM 8.8 HIGH
A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-32559 1 Pywin32 Project 1 Pywin32 2021-09-14 4.0 MEDIUM 6.5 MEDIUM
An integer overflow exists in pywin32 prior to version b301 when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process.
CVE-2021-31807 3 Fedoraproject, Netapp, Squid-cache 3 Fedora, Cloud Manager, Squid 2021-09-14 4.0 MEDIUM 6.5 MEDIUM
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.
CVE-2021-23840 4 Debian, Openssl, Oracle and 1 more 8 Debian Linux, Openssl, Enterprise Manager Ops Center and 5 more 2021-09-13 5.0 MEDIUM 7.5 HIGH
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
CVE-2020-15707 8 Canonical, Debian, Gnu and 5 more 15 Ubuntu Linux, Debian Linux, Grub2 and 12 more 2021-09-13 4.4 MEDIUM 6.4 MEDIUM
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.
CVE-2021-30354 1 Amazon 2 Kindle, Kindle Firmware 2021-09-10 9.3 HIGH 8.6 HIGH
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.
CVE-2021-22684 1 Samsung 1 Tizenrt 2021-09-08 5.0 MEDIUM 7.5 HIGH
Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash
CVE-2021-36058 1 Adobe 1 Xmp Toolkit Sdk 2021-09-08 4.3 MEDIUM 5.5 MEDIUM
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
CVE-2021-21036 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2021-09-08 6.8 MEDIUM 7.8 HIGH
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2011-1298 2 Apple, Google 2 Macos, Blink 2021-09-08 5.0 MEDIUM 7.5 HIGH
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.
CVE-2020-12651 4 Apple, Linux, Microsoft and 1 more 5 Iphone Os, Macos, Linux Kernel and 2 more 2021-09-08 10.0 HIGH 9.8 CRITICAL
SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX.
CVE-2019-8101 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2021-09-08 5.0 MEDIUM 7.5 HIGH
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-8099 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2021-09-08 5.0 MEDIUM 7.5 HIGH
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
CVE-2020-29384 3 Advsys, Apple, Linux 3 Pngout, Macos, Linux Kernel 2021-09-08 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in PNGOUT 2020-01-15. When compressing a crafted PNG file, it encounters an integer overflow.
CVE-2019-7030 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2021-09-08 5.0 MEDIUM 7.5 HIGH
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
CVE-2012-2036 8 Adobe, Apple, Google and 5 more 13 Air, Flash Player, Macos and 10 more 2021-09-08 9.3 HIGH N/A
Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.