Total
2262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7529 | 3 Apple, F5, Puppet | 3 Xcode, Nginx, Puppet Enterprise | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. | |||||
| CVE-2015-1527 | 1 Google | 1 Android | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. | |||||
| CVE-2017-9282 | 1 Microfocus | 1 Visibroker | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed. | |||||
| CVE-2017-1000470 | 1 Embedthis | 1 Goahead Web Server | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable to an integer overflow in the HTTP listener resulting in denial of service. | |||||
| CVE-2017-9196 | 1 Autotrace Project | 1 Autotrace | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7. | |||||
| CVE-2018-5295 | 1 Podofo Project | 1 Podofo | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. | |||||
| CVE-2017-14167 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2023-12-10 | 7.2 HIGH | 8.8 HIGH |
| Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write. | |||||
| CVE-2017-16828 | 1 Gnu | 1 Binutils | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. | |||||
| CVE-2017-14861 | 1 Exiv2 | 1 Exiv2 | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-0729 | 1 Google | 1 Android | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37710346. | |||||
| CVE-2018-5294 | 2 Debian, Libming | 2 Debian Linux, Libming | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file. | |||||
| CVE-2017-4913 | 1 Vmware | 2 Horizon View, Workstation | 2023-12-10 | 6.9 MEDIUM | 7.8 HIGH |
| VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View. | |||||
| CVE-2017-9281 | 1 Microfocus | 1 Visibroker | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. | |||||
| CVE-2016-10346 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. | |||||
| CVE-2017-9831 | 1 Libmtp Project | 1 Libmtp | 2023-12-10 | 4.6 MEDIUM | 6.8 MEDIUM |
| An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. | |||||
| CVE-2017-14333 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 7.8 HIGH |
| The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution. | |||||
| CVE-2014-9964 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. | |||||
| CVE-2017-1000229 | 2 Debian, Optipng Project | 2 Debian Linux, Optipng | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service. | |||||
| CVE-2017-2782 | 1 Matrixssl | 1 Matrixssl | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection | |||||
| CVE-2018-5727 | 1 Uclouvain | 1 Openjpeg | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | |||||