Search
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30155 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | 7.1 HIGH | 5.5 MEDIUM |
| Windows Kernel Denial of Service Vulnerability | |||||
| CVE-2020-27171 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2022-07-30 | 3.6 LOW | 6.0 MEDIUM |
| An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d. | |||||
| CVE-2021-3930 | 3 Debian, Qemu, Redhat | 10 Debian Linux, Qemu, Codeready Linux Builder and 7 more | 2022-05-13 | 2.1 LOW | 6.5 MEDIUM |
| An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition. | |||||
| CVE-2020-11765 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipad Os, Iphone Os and 9 more | 2022-04-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. | |||||
| CVE-2021-44007 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-12-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an off-by-one error in the heap while parsing specially crafted TIFF files. This could allow an attacker to cause a denial-of-service condition. | |||||
| CVE-2018-14679 | 5 Cabextract, Cabextract Project, Canonical and 2 more | 8 Libmspack, Cabextract, Ubuntu Linux and 5 more | 2021-04-26 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash). | |||||
| CVE-2018-5800 | 4 Canonical, Debian, Libraw and 1 more | 6 Ubuntu Linux, Debian Linux, Libraw and 3 more | 2020-11-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. | |||||
| CVE-2015-8701 | 1 Qemu | 1 Qemu | 2020-11-10 | 2.1 LOW | 6.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRAGS_MAX=16) fragments. A privileged user inside guest could use this flaw to cause memory leakage on the host or crash the QEMU process instance resulting in DoS issue. | |||||
| CVE-2017-1000416 | 1 Axtls Project | 1 Axtls | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050. | |||||