Search
Total
1941 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23852 | 5 Debian, Libexpat Project, Netapp and 2 more | 6 Debian Linux, Libexpat, Clustered Data Ontap and 3 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. | |||||
| CVE-2022-22823 | 2 Libexpat Project, Tenable | 2 Libexpat, Nessus | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2021-46143 | 3 Libexpat Project, Netapp, Tenable | 5 Libexpat, Clustered Data Ontap, Oncommand Workflow Automation and 2 more | 2022-06-14 | 6.8 MEDIUM | 7.8 HIGH |
| In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | |||||
| CVE-2022-25315 | 4 Debian, Fedoraproject, Libexpat Project and 1 more | 5 Debian Linux, Fedora, Libexpat and 2 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | |||||
| CVE-2017-2921 | 1 Cesanta | 1 Mongoose | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An attacker needs to send a specially crafted websocket packet over network to trigger this vulnerability. | |||||
| CVE-2017-2902 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2903 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2899 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2901 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2905 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2906 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. | |||||
| CVE-2017-2904 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2900 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2907 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. | |||||
| CVE-2017-2908 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while in the File->Open dialog. | |||||
| CVE-2017-2918 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | |||||
| CVE-2018-20546 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-06-13 | 5.8 MEDIUM | 8.1 HIGH |
| There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. | |||||
| CVE-2018-20545 | 4 Canonical, Fedoraproject, Libcaca Project and 1 more | 4 Ubuntu Linux, Fedora, Libcaca and 1 more | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. | |||||
| CVE-2022-21761 | 2 Google, Mediatek | 44 Android, Mt6761, Mt6762 and 41 more | 2022-06-13 | 4.9 MEDIUM | 4.4 MEDIUM |
| In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479532; Issue ID: ALPS06479532. | |||||
| CVE-2022-21760 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2022-06-13 | 4.9 MEDIUM | 4.4 MEDIUM |
| In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479562; Issue ID: ALPS06479562. | |||||
| CVE-2022-21762 | 2 Google, Mediatek | 13 Android, Mt6853, Mt6873 and 10 more | 2022-06-13 | 4.9 MEDIUM | 4.4 MEDIUM |
| In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06477946; Issue ID: ALPS06477946. | |||||
| CVE-2022-31005 | 1 Vapor | 1 Vapor | 2022-06-10 | 5.0 MEDIUM | 7.5 HIGH |
| Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. Version 4.60.3 contains a patch for this issue. As a workaround, disable FileMiddleware and serve via a Content Delivery Network. | |||||
| CVE-2022-1926 | 1 Trudesk Project | 1 Trudesk | 2022-06-08 | 4.0 MEDIUM | 4.9 MEDIUM |
| Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. | |||||
| CVE-2022-26711 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2022-29358 | 1 Epub2txt2 Project | 1 Epub2txt2 | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XML file. | |||||
| CVE-2020-13579 | 1 Softmaker | 1 Planmaker 2021 | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation. Later when copying data from the file into this allocation, a heap-based buffer overflow will occur which can corrupt memory. These types of memory corruptions can allow for code execution under the context of the application. An attacker can entice the victim to open a document to trigger this vulnerability. | |||||
| CVE-2017-2870 | 2 Debian, Gnome | 2 Debian Linux, Gdk-pixbuf | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability. | |||||
| CVE-2017-2888 | 3 Canonical, Debian, Libsdl | 3 Ubuntu Linux, Debian Linux, Simple Directmedia Layer | 2022-06-07 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability. | |||||
| CVE-2017-2892 | 1 Cesanta | 1 Mongoose | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of service and remote code execution. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability. | |||||
| CVE-2020-6059 | 1 Minisnmpd Project | 1 Minisnmpd | 2022-06-07 | 6.4 MEDIUM | 8.2 HIGH |
| An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out of bounds memory read which can result in sensitive information disclosure and Denial Of Service. In order to trigger this vulnerability, an attacker needs to send a specially crafted packet to the vulnerable server. | |||||
| CVE-2019-5040 | 2 Google, Openweave | 3 Nest Cam Iq Indoor, Nest Cam Iq Indoor Firmware, Openweave-core | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. A specially crafted weave packet can cause an integer overflow to occur, resulting in PacketBuffer data reuse. An attacker can send a packet to trigger this vulnerability. | |||||
| CVE-2022-29219 | 1 Chainsafe | 1 Lodestar | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted `AttesterSlashing` or `ProposerSlashing` being included on-chain. Because the developers represent `uint64` values as native javascript `number`s, there is an issue when those variables with large (greater than 2^53) `uint64` values are included on chain. In those cases, Lodestar may view valid_`AttesterSlashing` or `ProposerSlashing` as invalid, due to rounding errors in large `number` values. This causes a consensus split, where Lodestar nodes are forked away from the main network. Similarly, Lodestar may consider invalid `ProposerSlashing` as valid, thus including in proposed blocks that will be considered invalid by the network. Version 0.36.0 contains a fix for this issue. As a workaround, use `BigInt` to represent `Slot` and `Epoch` values in `AttesterSlashing` and `ProposerSlashing` objects. `BigInt` is too slow to be used in all `Slot` and `Epoch` cases, so one may carefully use `BigInt` just where necessary for consensus. | |||||
| CVE-2010-0129 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2022-06-07 | 9.3 HIGH | 8.8 HIGH |
| Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error. | |||||
| CVE-2021-29478 | 2 Fedoraproject, Redislabs | 2 Fedora, Redis | 2022-06-04 | 6.0 MEDIUM | 8.8 HIGH |
| Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and earlier are not directly affected by this issue. The problem is fixed in version 6.2.3. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `set-max-intset-entries` configuration parameter. This can be done using ACL to restrict unprivileged users from using the `CONFIG SET` command. | |||||
| CVE-2021-29477 | 2 Fedoraproject, Redislabs | 2 Fedora, Redis | 2022-06-04 | 6.5 MEDIUM | 8.8 HIGH |
| Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and potentially result with remote code execution. The problem is fixed in version 6.2.3 and 6.0.13. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the `STRALGO LCS` command. | |||||
| CVE-2017-2838 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2022-06-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | |||||
| CVE-2017-2837 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2022-06-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | |||||
| CVE-2020-6073 | 2 Debian, Videolabs | 2 Debian Linux, Libmicrodns | 2022-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS message to trigger this vulnerability. | |||||
| CVE-2022-29203 | 1 Google | 1 Tensorflow | 2022-06-02 | 2.1 LOW | 5.5 MEDIUM |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | |||||
| CVE-2022-31264 | 1 Solana | 1 Rbpf | 2022-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. | |||||
| CVE-2016-9427 | 3 Bdwgc Project, Debian, Opensuse | 4 Bdwgc, Debian Linux, Leap and 1 more | 2022-06-01 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation. | |||||
| CVE-2021-20203 | 3 Debian, Fedoraproject, Qemu | 3 Debian Linux, Fedora, Qemu | 2022-06-01 | 2.1 LOW | 3.2 LOW |
| An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. | |||||
| CVE-2021-21837 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2022-05-31 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | |||||
| CVE-2021-21850 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2022-05-31 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “trun” FOURCC code due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | |||||
| CVE-2021-21851 | 1 Gpac | 1 Gpac | 2022-05-31 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp” decoder sample group description indices can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | |||||
| CVE-2021-21852 | 1 Gpac | 1 Gpac | 2022-05-31 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | |||||
| CVE-2022-28195 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2022-05-30 | 4.6 MEDIUM | 4.2 MEDIUM |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components. | |||||
| CVE-2022-28197 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2022-05-30 | 4.6 MEDIUM | 3.9 LOW |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult-to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components. | |||||
| CVE-2022-29030 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-05-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | |||||
| CVE-2022-1754 | 1 Trudesk Project | 1 Trudesk | 2022-05-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. | |||||