Vulnerabilities (CVE)

Filtered by CWE-190
Total 1653 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-4913 1 Vmware 2 Horizon View, Workstation 2017-07-11 6.9 MEDIUM 7.8 HIGH
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.
CVE-2017-6355 1 Freedesktop 1 Virglrenderer 2017-07-11 2.1 LOW 5.5 MEDIUM
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
CVE-2014-9964 1 Google 1 Android 2017-07-08 9.3 HIGH 7.8 HIGH
In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.
CVE-2017-2813 1 Irfanview 1 Irfanview 2017-07-03 6.8 MEDIUM 7.8 HIGH
An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView.
CVE-2016-7947 2 Fedoraproject, X.org 2 Fedora, Libxrandr 2017-07-01 7.5 HIGH 9.8 CRITICAL
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
CVE-2016-7945 2 Fedoraproject, X.org 2 Fedora, Libxi 2017-07-01 5.0 MEDIUM 7.5 HIGH
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
CVE-2016-9426 1 W3m Project 1 W3m 2017-07-01 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a crafted HTML page.
CVE-2016-7133 1 Php 1 Php 2017-07-01 6.8 MEDIUM 8.1 HIGH
Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname.
CVE-2016-7944 2 Fedoraproject, X.org 2 Fedora, Libxfixes 2017-07-01 7.5 HIGH 9.8 CRITICAL
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
CVE-2016-9189 2 Debian, Python 2 Debian Linux, Pillow 2017-07-01 4.3 MEDIUM 5.5 MEDIUM
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.
CVE-2016-5138 1 Google 1 Chrome 2017-07-01 6.8 MEDIUM 8.8 HIGH
Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffer overflow and use-after-free) by leveraging an unrestricted multiplication.
CVE-2016-2326 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2017-07-01 6.8 MEDIUM 8.8 HIGH
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
CVE-2017-2782 1 Matrixssl 1 Matrixssl 2017-06-29 6.4 MEDIUM 9.1 CRITICAL
An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection
CVE-2014-9944 1 Google 1 Android 2017-06-09 9.3 HIGH 7.8 HIGH
In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
CVE-2017-8782 1 Libming 1 Libming 2017-06-09 4.3 MEDIUM 6.5 MEDIUM
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error.
CVE-2015-9005 1 Google 1 Android 2017-06-08 9.3 HIGH 7.8 HIGH
In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
CVE-2017-9187 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7.
CVE-2017-9198 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.
CVE-2017-9199 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.
CVE-2017-9197 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.