Vulnerabilities (CVE)

Filtered by CWE-190
Total 2237 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-38618 1 Tonybybell 1 Gtkwave 2024-01-11 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array.
CVE-2023-38619 1 Tonybybell 1 Gtkwave 2024-01-11 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array.
CVE-2024-22051 2 Github, Gjtorikian 2 Cmark-gfm, Commonmarker 2024-01-11 N/A 9.8 CRITICAL
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns.
CVE-2018-15560 1 Pycryptodome 1 Pycryptodome 2024-01-11 5.0 MEDIUM 7.5 HIGH
PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.
CVE-2023-38650 1 Tonybybell 1 Gtkwave 2024-01-11 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
CVE-2023-38651 1 Tonybybell 1 Gtkwave 2024-01-11 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero.
CVE-2023-38652 1 Tonybybell 1 Gtkwave 2024-01-11 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
CVE-2023-38623 1 Tonybybell 1 Gtkwave 2024-01-11 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `vindex_offset` array.
CVE-2024-21631 1 Vapor 1 Vapor 2024-01-10 N/A 6.5 MEDIUM
Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs. This vulnerability does not affect Vapor directly but could impact applications relying on the URI type for validating user input. The URI type is used in several places in Vapor. A developer may decide to use URI to represent a URL in their application (especially if that URL is then passed to the HTTP Client) and rely on its public properties and methods. However, URI may fail to properly parse a valid (albeit abnormally long) URL, due to string ranges being converted to 16-bit integers. An attacker may use this behavior to trick the application into accepting a URL to an untrusted destination. By padding the port number with zeros, an attacker can cause an integer overflow to occur when the URL authority is parsed and, as a result, spoof the host. Version 4.90.0 contains a patch for this issue. As a workaround, validate user input before parsing as a URI or, if possible, use Foundation's `URL` and `URLComponents` utilities.
CVE-2023-38403 6 Apple, Debian, Es and 3 more 7 Macos, Debian Linux, Iperf3 and 4 more 2024-01-09 N/A 7.5 HIGH
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
CVE-2023-5173 1 Mozilla 1 Firefox 2024-01-07 N/A 7.5 HIGH
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.
CVE-2023-32881 2 Google, Mediatek 22 Android, Mt6762, Mt6765 and 19 more 2024-01-05 N/A 4.4 MEDIUM
In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080.
CVE-2023-51714 1 Qt 1 Qt 2024-01-04 N/A 9.8 CRITICAL
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
CVE-2023-24609 2 Matrixssl, Rambus 2 Matrixssl, Tls Toolkit 2024-01-03 N/A 7.5 HIGH
Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate.
CVE-2023-37536 3 Apache, Fedoraproject, Hcltech 3 Xerces-c\+\+, Fedora, Bigfix Platform 2023-12-31 N/A 8.8 HIGH
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.
CVE-2016-9426 1 Tats 1 W3m 2023-12-29 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a crafted HTML page.
CVE-2021-34513 1 Microsoft 2 Windows 10, Windows Server 2016 2023-12-28 7.2 HIGH 7.8 HIGH
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-34512 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-12-28 7.2 HIGH 7.8 HIGH
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-34510 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-12-28 4.6 MEDIUM 7.8 HIGH
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-34536 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-12-28 4.6 MEDIUM 7.8 HIGH
Storage Spaces Controller Elevation of Privilege Vulnerability