Total
2260 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-35128 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | |||||
CVE-2023-35057 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | |||||
CVE-2023-35004 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | |||||
CVE-2023-32650 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | |||||
CVE-2024-21812 | 2024-04-02 | N/A | 9.8 CRITICAL | ||
An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2024-3077 | 2024-03-29 | N/A | 6.8 MEDIUM | ||
An malicious BLE device can crash BLE victim device by sending malformed gatt packet | |||||
CVE-2024-1580 | 2024-03-27 | N/A | 5.9 MEDIUM | ||
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d. | |||||
CVE-2021-3520 | 4 Lz4 Project, Netapp, Oracle and 1 more | 6 Lz4, Active Iq Unified Manager, Ontap Select Deploy Administration Utility and 3 more | 2024-03-27 | 7.5 HIGH | 9.8 CRITICAL |
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well. | |||||
CVE-2020-14155 | 6 Apple, Gitlab, Netapp and 3 more | 20 Macos, Gitlab, Active Iq Unified Manager and 17 more | 2024-03-27 | 5.0 MEDIUM | 5.3 MEDIUM |
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | |||||
CVE-2024-2452 | 2024-03-26 | N/A | 7.0 HIGH | ||
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows. | |||||
CVE-2024-2212 | 2024-03-26 | N/A | 7.3 HIGH | ||
In Eclipse ThreadX before 6.4.0, xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibility API (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c) were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows. | |||||
CVE-2023-6780 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2024-03-26 | N/A | 5.3 MEDIUM |
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer. | |||||
CVE-2023-26242 | 1 Linux | 1 Linux Kernel | 2024-03-25 | N/A | 7.8 HIGH |
afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. | |||||
CVE-2023-23559 | 3 Debian, Linux, Netapp | 3 Debian Linux, Linux Kernel, Hci Baseboard Management Controller | 2024-03-25 | N/A | 7.8 HIGH |
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. | |||||
CVE-2024-1916 | 2024-03-15 | N/A | 9.8 CRITICAL | ||
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. | |||||
CVE-2024-1917 | 2024-03-15 | N/A | 9.8 CRITICAL | ||
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. | |||||
CVE-2024-0803 | 2024-03-15 | N/A | 9.8 CRITICAL | ||
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. | |||||
CVE-2022-25147 | 1 Apache | 1 Portable Runtime Utility | 2024-03-15 | N/A | 6.5 MEDIUM |
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. | |||||
CVE-2024-22396 | 2024-03-14 | N/A | N/A | ||
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload. | |||||
CVE-2023-48409 | 1 Google | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |