Search
Total
1941 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-17157 | 1 Freebsd | 1 Freebsd | 2019-01-24 | 10.0 HIGH | 9.8 CRITICAL |
| In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code. | |||||
| CVE-2017-18255 | 1 Linux | 1 Linux Kernel | 2019-01-19 | 4.6 MEDIUM | 7.8 HIGH |
| The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation. | |||||
| CVE-2018-18928 | 1 Icu-project | 1 International Components For Unicode | 2019-01-16 | 7.5 HIGH | 9.8 CRITICAL |
| International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp. | |||||
| CVE-2018-6174 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2019-01-14 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page. | |||||
| CVE-2018-18665 | 1 Nexxuscoin | 1 Nexxustoken | 2019-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-18666 | 1 Swft | 1 Swftcoin | 2019-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-18667 | 1 Pylon-network | 1 Pylontoken | 2019-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value, a related issue to CVE-2018-11812. | |||||
| CVE-2018-1000810 | 1 Rust-lang | 1 Rust | 2019-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat, passed a large number, can overflow an internal buffer. This vulnerability appears to have been fixed in 1.29.1. | |||||
| CVE-2016-10502 | 1 Qualcomm | 16 Mdm9206, Mdm9206 Firmware, Mdm9607 and 13 more | 2019-01-03 | 10.0 HIGH | 9.8 CRITICAL |
| While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 and SDA660. | |||||
| CVE-2018-5816 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2019-01-03 | 7.1 HIGH | 6.5 MEDIUM |
| An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804). | |||||
| CVE-2018-5815 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2019-01-03 | 7.1 HIGH | 6.5 MEDIUM |
| An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. | |||||
| CVE-2018-17158 | 1 Freebsd | 1 Freebsd | 2018-12-31 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request. | |||||
| CVE-2018-18206 | 1 Bytom | 1 Bytom | 2018-12-28 | 5.0 MEDIUM | 7.5 HIGH |
| In the client in Bytom before 1.0.6, checkTopicRegister in p2p/discover/net.go does not prevent negative idx values, leading to a crash. | |||||
| CVE-2018-11260 | 1 Google | 1 Android | 2018-12-21 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a fast Initial link setup (FILS) connection request, integer overflow may lead to a buffer overflow when the key length is zero. | |||||
| CVE-2018-6983 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2018-12-19 | 7.2 HIGH | 8.8 HIGH |
| VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host. | |||||
| CVE-2017-18172 | 1 Qualcomm | 48 Mdm9635m, Mdm9635m Firmware, Sd 400 and 45 more | 2018-12-13 | 7.2 HIGH | 7.8 HIGH |
| In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. | |||||
| CVE-2018-11865 | 1 Qualcomm | 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more | 2018-12-07 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2018-11866 | 1 Qualcomm | 50 Ipq8074, Ipq8074 Firmware, Mdm9206 and 47 more | 2018-12-07 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2018-18650 | 1 Xpdfreader | 1 Xpdf | 2018-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. | |||||
| CVE-2018-12361 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2018-12-06 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61. | |||||
| CVE-2018-12362 | 4 Canonical, Debian, Mozilla and 1 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2018-12-03 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. | |||||
| CVE-2018-17897 | 1 Lcds | 1 Laquis Scada | 2018-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflow to buffer overflow vulnerabilities, which may allow remote code execution. | |||||
| CVE-2017-16831 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. | |||||
| CVE-2017-15587 | 1 Artifex | 1 Mupdf | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. | |||||
| CVE-2017-16830 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
| CVE-2017-16828 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. | |||||
| CVE-2017-16832 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. | |||||
| CVE-2018-17569 | 1 Viabtc | 1 Viabtc Exchange Server | 2018-11-26 | 7.5 HIGH | 9.8 CRITICAL |
| network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption. | |||||
| CVE-2018-17570 | 1 Viabtc | 1 Viabtc Exchange Server | 2018-11-26 | 7.5 HIGH | 9.8 CRITICAL |
| utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption. | |||||
| CVE-2018-17568 | 1 Viabtc | 1 Viabtc Exchange Server | 2018-11-20 | 7.5 HIGH | 9.8 CRITICAL |
| utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption. | |||||
| CVE-2018-9498 | 1 Google | 1 Android | 2018-11-20 | 9.3 HIGH | 7.8 HIGH |
| In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855 | |||||
| CVE-2016-7167 | 2 Fedoraproject, Haxx | 2 Fedora, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow. | |||||
| CVE-2017-8816 | 2 Debian, Haxx | 3 Debian Linux, Curl, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields. | |||||
| CVE-2017-15818 | 1 Google | 1 Android | 2018-11-12 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size. | |||||
| CVE-2018-12511 | 1 Substratum | 1 Substratum | 2018-11-09 | 5.0 MEDIUM | 7.5 HIGH |
| In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily. | |||||
| CVE-2018-17050 | 1 Polyai Project | 1 Polyai | 2018-11-09 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for PolyAi (AI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2017-15828 | 1 Google | 1 Android | 2018-11-09 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow. | |||||
| CVE-2018-11886 | 1 Google | 1 Android | 2018-11-09 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function. | |||||
| CVE-2017-15422 | 5 Canonical, Debian, Google and 2 more | 7 Ubuntu Linux, Debian Linux, Chrome and 4 more | 2018-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2017-2777 | 1 Iceni | 1 Argus | 2018-11-06 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable heap overflow vulnerability exists in the ipStringCreate function of Iceni Argus Version 6.6.05. A specially crafted pdf file can cause an integer overflow resulting in heap overflow. An attacker can send file to trigger this vulnerability. | |||||
| CVE-2018-8441 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-11-02 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers. | |||||
| CVE-2008-2663 | 3 Canonical, Debian, Ruby-lang | 3 Ubuntu Linux, Debian Linux, Ruby | 2018-11-01 | 10.0 HIGH | N/A |
| Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change. | |||||
| CVE-2017-0104 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2018-10-30 | 9.3 HIGH | 8.1 HIGH |
| The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerability." | |||||
| CVE-2011-4093 | 4 Armin Burgmeier, Opensuse, Opensuse Project and 1 more | 4 Net6, Opensuse, Opensuse and 1 more | 2018-10-30 | 5.8 MEDIUM | N/A |
| Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided. | |||||
| CVE-2012-5143 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2018-10-30 | 10.0 HIGH | N/A |
| Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. | |||||
| CVE-2016-5159 | 2 Google, Opensuse | 2 Chrome, Leap | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c. | |||||
| CVE-2016-2347 | 3 Debian, Lhasa Project, Opensuse | 4 Debian Linux, Lhasa, Leap and 1 more | 2018-10-30 | 6.8 MEDIUM | 7.8 HIGH |
| Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive. | |||||
| CVE-2016-3945 | 2 Libtiff, Oracle | 2 Libtiff, Vm Server | 2018-10-30 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write. | |||||
| CVE-2016-5152 | 2 Google, Opensuse | 2 Chrome, Leap | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. | |||||
| CVE-2016-5158 | 2 Google, Opensuse | 2 Chrome, Leap | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. | |||||