Total
2270 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-13691 | 1 Rtokenmain Project | 1 Rtokenmain | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2017-2901 | 2 Blender, Debian | 2 Blender, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
CVE-2015-9190 | 1 Qualcomm | 38 Ipq4019, Ipq4019 Firmware, Mdm9206 and 35 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, if start_addr + size is too large in boot_clobber_check_local_address_range(), an integer overflow occurs, resulting in clobber protection check being bypassed and SBL memory corruption. | |||||
CVE-2018-13701 | 1 Kissme Project | 1 Kissme | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for KissMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13659 | 1 Briancoin Project | 1 Briancoin | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for BrianCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2017-12081 | 2 Blender, Debian | 2 Blender, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | |||||
CVE-2017-2918 | 2 Blender, Debian | 2 Blender, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | |||||
CVE-2018-13540 | 1 Gsi Project | 1 Gsi | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2018-13465 | 1 Paulycoin Project | 1 Paulycoin | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
CVE-2017-4950 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2023-12-10 | 6.9 MEDIUM | 7.0 HIGH |
VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default. | |||||
CVE-2017-2717 | 1 Huawei | 2 Honor 8 Pro, Honor 8 Pro Firmware | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
honor 8 Pro with software Duke-L09C10B120 and earlier versions,Duke-L09C432B120 and earlier versions,Duke-L09C636B120 and earlier versions has an integer overflow vulnerability. The attacker sends a response message to the device, which contains an illegal length field, it could produce an integer overflow and restart the modem system. | |||||
CVE-2014-0143 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2023-12-10 | 4.4 MEDIUM | 7.0 HIGH |
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes. | |||||
CVE-2017-14630 | 1 Sam2p Project | 1 Sam2p | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation. | |||||
CVE-2018-5709 | 1 Mit | 1 Kerberos | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. | |||||
CVE-2017-13136 | 1 Libbpg Project | 1 Libbpg | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference. | |||||
CVE-2015-1537 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. | |||||
CVE-2017-12110 | 1 Libxls Project | 1 Libxls | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution. | |||||
CVE-2016-10507 | 1 Uclouvain | 1 Openjpeg | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file. | |||||
CVE-2014-9944 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | |||||
CVE-2017-9690 | 1 Google | 1 Android | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorrect buffer size check has an integer overflow vulnerability potentially leading to a buffer overflow. |