Search
Total
1941 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-13471 | 1 Beyondcash | 1 Beyondcashtoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13467 | 1 Epnex | 1 Epiphanycoin | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13478 | 1 Airbridge | 1 Dmptoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13481 | 1 Triumland | 1 Triumland | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13533 | 1 Aluxdigital | 1 Aluxtoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13477 | 1 Cte | 1 Ctesale | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-10316 | 1 Nasm | 1 Netwide Assembler | 2020-07-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. | |||||
| CVE-2018-12371 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-07-13 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61. | |||||
| CVE-2020-13822 | 1 Elliptic Project | 1 Elliptic | 2020-07-02 | 6.8 MEDIUM | 7.7 HIGH |
| The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature. | |||||
| CVE-2020-13999 | 1 Libemf Project | 1 Libemf | 2020-07-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file. | |||||
| CVE-2016-5735 | 1 Pngquant | 1 Pngquant | 2020-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. | |||||
| CVE-2019-14094 | 1 Qualcomm | 128 Apq8009, Apq8009 Firmware, Apq8053 and 125 more | 2020-06-25 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | |||||
| CVE-2020-12826 | 3 Canonical, Linux, Redhat | 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more | 2020-06-22 | 4.4 MEDIUM | 5.3 MEDIUM |
| A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat. | |||||
| CVE-2004-0657 | 2 Hp, Ntp | 2 Tru64 Unix, Ntp | 2020-06-18 | 5.0 MEDIUM | N/A |
| Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. | |||||
| CVE-2020-10063 | 1 Zephyrproject | 1 Zephyr | 2020-06-12 | 5.0 MEDIUM | 7.5 HIGH |
| A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to cause a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions. | |||||
| CVE-2020-9841 | 1 Apple | 1 Mac Os X | 2020-06-09 | 9.3 HIGH | 7.8 HIGH |
| An integer overflow was addressed through improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-9852 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2020-06-09 | 9.3 HIGH | 7.8 HIGH |
| An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-10067 | 1 Zephyrproject | 1 Zephyr | 2020-06-05 | 7.2 HIGH | 7.8 HIGH |
| A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execution within the kernel. See NCC-ZEP-005 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions. | |||||
| CVE-2011-1121 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-06-04 | 7.5 HIGH | N/A |
| Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | |||||
| CVE-2018-13508 | 1 Vicetoken | 1 Vittoken | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for VITToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2019-14066 | 1 Qualcomm | 28 Kamorta, Kamorta Firmware, Mdm9205 and 25 more | 2020-06-03 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130 | |||||
| CVE-2018-13581 | 1 Travelcoins | 1 Travelcointoken | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13504 | 1 Immcoin | 1 Immcoin | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2020-3641 | 1 Qualcomm | 76 Apq8009, Apq8009 Firmware, Apq8053 and 73 more | 2020-06-03 | 10.0 HIGH | 9.8 CRITICAL |
| Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130 | |||||
| CVE-2019-20805 | 1 Upx Project | 1 Upx | 2020-06-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment. | |||||
| CVE-2015-5707 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2020-06-02 | 4.6 MEDIUM | N/A |
| Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | |||||
| CVE-2020-11869 | 1 Qemu | 1 Qemu | 2020-05-28 | 2.1 LOW | 3.3 LOW |
| An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service. | |||||
| CVE-2011-1437 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering. | |||||
| CVE-2011-1800 | 1 Google | 1 Chrome | 2020-05-22 | 7.5 HIGH | N/A |
| Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-2829 | 1 Google | 1 Chrome | 2020-05-19 | 7.5 HIGH | N/A |
| Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays. | |||||
| CVE-2019-7733 | 1 Live555 | 1 Streaming Media | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove. | |||||
| CVE-2016-3712 | 6 Canonical, Citrix, Debian and 3 more | 11 Ubuntu Linux, Xenserver, Debian Linux and 8 more | 2020-05-14 | 2.1 LOW | 5.5 MEDIUM |
| Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. | |||||
| CVE-2019-20787 | 2 Opensuse, Teeworlds | 2 Leap, Teeworlds | 2020-04-29 | 7.5 HIGH | 9.8 CRITICAL |
| Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size. | |||||
| CVE-2020-7083 | 1 Autodesk | 1 Fbx Software Development Kit | 2020-04-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application. | |||||
| CVE-2019-14114 | 1 Qualcomm | 102 Apq8009, Apq8009 Firmware, Apq8017 and 99 more | 2020-04-22 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130 | |||||
| CVE-2018-13075 | 1 Carbonexchangecointoken Project | 1 Carbonexchangecointoken | 2020-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Carbon Exchange Coin Token (CEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2016-9108 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2020-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression. | |||||
| CVE-2017-5628 | 1 Artifex | 1 Mujs | 2020-04-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file. | |||||
| CVE-2017-5627 | 1 Artifex | 1 Mujs | 2020-04-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a specially crafted JS file. | |||||
| CVE-2016-10141 | 1 Artifex | 1 Mujs | 2020-04-22 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition. | |||||
| CVE-2018-13602 | 1 Marcelominingtoken Project | 1 Marcelominingtoken | 2020-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13512 | 1 Smarthomecoin Project | 1 Smarthomecoin | 2020-04-17 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for SmartHomeCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2011-3015 | 1 Google | 1 Chrome | 2020-04-16 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3026 | 4 Apple, Google, Opensuse and 1 more | 7 Iphone Os, Mac Os X, Mac Os X Server and 4 more | 2020-04-16 | 6.8 MEDIUM | N/A |
| Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | |||||
| CVE-2011-3045 | 6 Debian, Fedoraproject, Google and 3 more | 13 Debian Linux, Fedora, Chrome and 10 more | 2020-04-14 | 6.8 MEDIUM | N/A |
| Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | |||||
| CVE-2018-18749 | 1 Data Tools Project | 1 Data Tools | 2020-04-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| data-tools through 2017-07-26 has an Integer Overflow leading to an incorrect end value for the write_wchars function. | |||||
| CVE-2011-3065 | 1 Google | 1 Chrome | 2020-04-14 | 6.8 MEDIUM | N/A |
| Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2020-1895 | 1 Facebook | 1 Instagram | 2020-04-10 | 6.8 MEDIUM | 7.8 HIGH |
| A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128. | |||||
| CVE-2018-21054 | 5 Google, Mediatek, Qualcomm and 2 more | 14 Android, M6737t, Msm8909 and 11 more | 2020-04-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018). | |||||
| CVE-2007-0221 | 1 Microsoft | 1 Exchange Server | 2020-04-09 | 7.8 HIGH | N/A |
| Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability." | |||||