Total
2261 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-15325 | 1 Huawei | 10 Prague-al00a, Prague-al00a Firmware, Prague-al00b and 7 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. | |||||
CVE-2018-13567 | 1 Sdr22 Project | 1 Sdr22 | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for SDR, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13536 | 1 Erc20 Ico Project | 1 Erc20 Ico | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for ERC20_ICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13745 | 1 Stctoken Project | 1 Stctoken | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for STCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13554 | 1 Moneytree Project | 1 Moneytree | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2017-18257 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | |||||
CVE-2017-12101 | 2 Blender, Debian | 2 Blender, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. | |||||
CVE-2018-13574 | 1 Datashieldcoin Project | 1 Datashieldcoin | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for DataShieldCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13698 | 1 Play2livepromo Project | 1 Play2livepromo | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintTokens function of a smart contract implementation for Play2LivePromo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13576 | 1 Juntspercreixer | 1 Juntspercreixer | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2017-12102 | 2 Blender, Debian | 2 Blender, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | |||||
CVE-2018-13202 | 1 Mybo Project | 1 Mybo | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The sell function of a smart contract implementation for MyBO, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. | |||||
CVE-2018-13503 | 1 South Park Token Token Project | 1 South Park Token Token | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for South Park Token Token (SPTKN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13761 | 1 Netkilleradvancedtokenairdrop Project | 1 Netkilleradvancedtokenairdrop | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-12264 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. | |||||
CVE-2018-7226 | 1 Vncterm Project | 1 Vncterm | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing sanitization of the client-specified message length may cause integer overflow or possibly have unspecified other impact via a specially crafted VNC packet. | |||||
CVE-2018-13755 | 1 Otakutoken Project | 1 Otakutoken | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13708 | 1 Buytoken Project | 1 Buytoken | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for Order (ETH) (Contract Name: BuyToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-1126 | 5 Canonical, Debian, Procps-ng Project and 2 more | 10 Ubuntu Linux, Debian Linux, Procps-ng and 7 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. | |||||
CVE-2018-13716 | 1 Sexhdsolo Project | 1 Sexhdsolo | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for sexhdsolo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. |