Skip to main content

Integer Overflow

2762 CVEs technique

Monthly

CVE-2021-1895 HIGH PATCH This Week

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Integer Overflow Apq8009W Firmware Apq8017 Firmware +412
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29478 HIGH This Week

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Redis Integer Overflow RCE Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
3.6%
CVE-2021-29477 HIGH This Week

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Redis Integer Overflow RCE Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
4.0%
CVE-2021-31873 CRITICAL PATCH Act Now

An issue was discovered in klibc before 2.0.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Klibc Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-31872 CRITICAL PATCH Act Now

An issue was discovered in klibc before 2.0.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Klibc Debian Linux
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-31871 HIGH PATCH This Week

An issue was discovered in klibc before 2.0.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Klibc Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2021-31870 CRITICAL PATCH Act Now

An issue was discovered in klibc before 2.0.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Klibc Debian Linux
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-31426 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-31425 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-21223 CRITICAL Act Now

Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Chrome Debian Linux +1
NVD
CVSS 3.1
9.6
EPSS
1.4%
CVE-2021-3472 HIGH PATCH This Week

A flaw was found in xorg-x11-server in versions before 1.20.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Privilege Escalation X Server Fedora Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-31572 CRITICAL PATCH Act Now

The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Freertos
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-31571 CRITICAL PATCH Act Now

The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Freertos
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-30022 MEDIUM POC PATCH This Month

There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
1.1%
CVE-2021-30014 MEDIUM POC PATCH This Month

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
1.1%
CVE-2021-29279 HIGH POC PATCH This Week

There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Gpac
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-27259 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. Rated high severity (CVSS 7.8). No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-29338 MEDIUM POC This Month

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Openjpeg Fedora Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
1.6%
CVE-2021-0436 MEDIUM PATCH This Month

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Google Buffer Overflow Integer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-27486 HIGH This Week

FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow RCE Winproladder
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-28879 CRITICAL POC PATCH Act Now

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Rust Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-20308 CRITICAL POC Act Now

Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service RCE Htmldoc Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-3477 MEDIUM PATCH This Month

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr Debian Linux
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-3476 MEDIUM PATCH This Month

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr Debian Linux
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2021-3475 MEDIUM PATCH This Month

There is a flaw in OpenEXR in versions before 3.0.0-beta. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr Debian Linux
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2021-3474 MEDIUM PATCH This Month

There's a flaw in OpenEXR in versions before 3.0.0-beta. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr Debian Linux
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2021-27243 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2021-28362 HIGH This Week

An issue was discovered in Contiki through 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Contiki
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-0460 MEDIUM This Month

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-0458 MEDIUM This Month

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-0393 HIGH This Week

In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow RCE Android
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-29238 HIGH POC THREAT Act Now

An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.7%.

Buffer Overflow Integer Overflow Nginx Expressvpn
NVD Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
16.7%
CVE-2021-3420 CRITICAL PATCH Act Now

A flaw was found in newlib in versions prior to 4.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Newlib Fedora
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-28027 Cargo CRITICAL PATCH Act Now

An issue was discovered in the bam crate before 0.1.3 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Bam
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-21309 HIGH PATCH This Week

Redis is an open-source, in-memory database that persists on disk. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Redis Integer Overflow RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
4.7%
CVE-2021-20203 LOW POC PATCH Monitor

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Qemu Fedora Debian Linux
NVD
CVSS 3.1
3.2
EPSS
0.6%
CVE-2021-23840 Cargo HIGH PATCH This Week

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

OpenSSL Integer Overflow Denial Of Service Debian Linux Log Correlation Engine +18
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-21036 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Integer Overflow Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-26825 HIGH PATCH This Week

An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Integer Overflow RCE Godot Engine
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-0355 MEDIUM This Month

In kisd, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0354 MEDIUM This Month

In ged, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0312 MEDIUM This Month

In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-1059 HIGH This Week

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Nvidia Information Disclosure Virtual Gpu Manager
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-35738 MEDIUM POC This Month

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Wavpack Debian Linux Fedora
NVD GitHub
CVSS 3.1
6.1
EPSS
1.2%
CVE-2020-29361 HIGH This Week

An issue was discovered in p11-kit 0.21.1 through 0.23.21. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow P11 Kit Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
3.4%
CVE-2020-27051 HIGH PATCH This Week

In NFA_RwI93WriteMultipleBlocks of nfa_rw_api.cc, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Buffer Overflow Privilege Escalation Integer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0495 MEDIUM This Month

In decode_Huffman of JBig2_SddProc.cpp, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Integer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-35457 HIGH POC PATCH This Week

GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Glib
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-0458 HIGH PATCH This Week

In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEncoder.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Buffer Overflow RCE Integer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2020-17443 HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Picotcp
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-17442 HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integer Overflow Picotcp
NVD
CVSS 3.1
7.5
EPSS
2.9%
CVE-2020-13988 HIGH This Week

An issue was discovered in Contiki through 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Contiki Ng
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2020-13985 HIGH This Week

An issue was discovered in Contiki through 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Contiki
NVD
CVSS 3.1
7.5
EPSS
4.8%
CVE-2020-27350 MEDIUM This Month

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Advanced Package Tool Solidfire Baseboard Management Controller Firmware
NVD
CVSS 3.1
5.7
EPSS
0.4%
CVE-2020-27758 LOW POC Monitor

A flaw was found in ImageMagick in coders/txt.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27757 LOW POC Monitor

A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27754 LOW POC Monitor

In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27751 LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/quantum-export.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-25676 MEDIUM POC This Month

In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2020-25675 LOW POC Monitor

In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27911 HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Microsoft Integer Overflow Icloud +6
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2020-27906 HIGH This Week

Multiple integer overflows were addressed with improved input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Integer Overflow macOS
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2020-25666 LOW POC Monitor

There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.2%
CVE-2020-27772 LOW POC Monitor

A flaw was found in ImageMagick in coders/bmp.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Enterprise Linux Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27776 LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/statistic.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Enterprise Linux
NVD
CVSS 3.1
3.3
EPSS
0.9%
CVE-2020-27775 LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/quantum.h. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Enterprise Linux Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27774 LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/statistic.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Enterprise Linux Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27771 LOW POC Monitor

In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Red Hat Integer Overflow Imagemagick Enterprise Linux +1
NVD
CVSS 3.1
3.3
EPSS
1.2%
CVE-2020-27770 MEDIUM POC This Month

Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-27767 LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/quantum.h. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Enterprise Linux Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27766 HIGH POC This Week

A flaw was found in ImageMagick in MagickCore/statistic.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-27764 LOW PATCH Monitor

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD GitHub
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27762 MEDIUM PATCH This Month

A flaw was found in ImageMagick in coders/hdr.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-27761 LOW PATCH Monitor

WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27759 LOW PATCH Monitor

In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-25693 HIGH POC This Week

A flaw was found in CImg in versions prior to 2.9.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Cimg Fedora
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2020-27813 Go HIGH PATCH This Week

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Websocket Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2020-29384 MEDIUM POC This Month

An issue was discovered in PNGOUT 2020-01-15. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Pngout
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2020-27484 CRITICAL POC Act Now

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Forerunner 235 Firmware
NVD GitHub
CVSS 3.1
9.9
EPSS
1.7%
CVE-2020-16273 HIGH This Week

In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Integer Overflow Armv8 M Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8760 HIGH This Week

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Integer Overflow Active Management Technology Firmware Cloud Backup
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8746 MEDIUM This Month

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Integer Overflow Active Management Technology Firmware Cloud Backup
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-11208 HIGH POC This Week

Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Sd820 Firmware Sd821 Firmware Qcs603 Firmware +10
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2020-11205 HIGH This Week

u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow Qsm8350 Firmware Sa6145p Firmware +12
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-11184 CRITICAL Act Now

u'Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow Qcm4290 Firmware Qcs4290 Firmware +27
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-11131 HIGH This Week

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow Apq8009 Firmware Apq8053 Firmware +12
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-11127 HIGH This Week

u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow Mdm9205 Firmware Qcm4290 Firmware +51
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-0452 CRITICAL PATCH Act Now

In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Buffer Overflow RCE Integer Overflow Android +1
NVD
CVSS 3.1
9.8
EPSS
3.2%
CVE-2020-0409 HIGH PATCH This Week

In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Buffer Overflow Privilege Escalation Integer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-28371 CRITICAL PATCH Act Now

An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Java Integer Overflow Avian
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Integer Overflow +414
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Redis Integer Overflow RCE +1
NVD GitHub
EPSS 4% CVSS 8.8
HIGH This Week

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Redis Integer Overflow RCE +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in klibc before 2.0.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Klibc +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in klibc before 2.0.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Klibc +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in klibc before 2.0.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Klibc +1
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in klibc before 2.0.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Klibc +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
EPSS 0% CVSS 8.8
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A flaw was found in xorg-x11-server in versions before 1.20.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Privilege Escalation X Server +3
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Freertos
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Freertos
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Gpac
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Gpac
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Gpac
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. Rated high severity (CVSS 7.8). No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
EPSS 2% CVSS 5.5
MEDIUM POC This Month

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Openjpeg +2
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Google Buffer Overflow Integer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow RCE +1
NVD
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Rust +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service RCE +2
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr +1
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr +1
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

There is a flaw in OpenEXR in versions before 3.0.0-beta. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr +1
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

There's a flaw in OpenEXR in versions before 3.0.0-beta. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Openexr +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Parallels Desktop
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Contiki through 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Contiki
NVD GitHub
EPSS 0% CVSS 4.4
MEDIUM This Month

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow +2
NVD
EPSS 17% CVSS 7.5
HIGH POC THREAT Act Now

An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.7%.

Buffer Overflow Integer Overflow Nginx +1
NVD Exploit-DB VulDB
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A flaw was found in newlib in versions prior to 4.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Newlib +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in the bam crate before 0.1.3 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Bam
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

Redis is an open-source, in-memory database that persists on disk. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Redis Integer Overflow +1
NVD GitHub
EPSS 1% CVSS 3.2
LOW POC PATCH Monitor

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Qemu +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

OpenSSL Integer Overflow Denial Of Service +20
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Integer Overflow Adobe +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Integer Overflow RCE +1
NVD GitHub
EPSS 0% CVSS 6.7
MEDIUM This Month

In kisd, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ged, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Nvidia +2
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Wavpack +2
NVD GitHub
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in p11-kit 0.21.1 through 0.23.21. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow P11 Kit +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In NFA_RwI93WriteMultipleBlocks of nfa_rw_api.cc, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In decode_Huffman of JBig2_SddProc.cpp, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure +2
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Glib
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEncoder.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Buffer Overflow RCE +2
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Picotcp
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integer Overflow Picotcp
NVD
EPSS 4% CVSS 7.5
HIGH This Week

An issue was discovered in Contiki through 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Contiki Ng
NVD
EPSS 5% CVSS 7.5
HIGH This Week

An issue was discovered in Contiki through 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Contiki
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Advanced Package Tool +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A flaw was found in ImageMagick in coders/txt.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Red Hat Integer Overflow +2
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/quantum-export.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick +1
NVD
EPSS 3% CVSS 7.8
HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Microsoft +8
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Multiple integer overflows were addressed with improved input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Integer Overflow +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A flaw was found in ImageMagick in coders/bmp.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +2
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/statistic.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/quantum.h. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +2
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/statistic.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +2
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Red Hat Integer Overflow +3
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/quantum.h. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +2
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

A flaw was found in ImageMagick in MagickCore/statistic.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow +2
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in ImageMagick in coders/hdr.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Integer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow +2
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow +2
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

A flaw was found in CImg in versions prior to 2.9.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Cimg +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Websocket +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in PNGOUT 2020-01-15. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Pngout
NVD GitHub
EPSS 2% CVSS 9.9
CRITICAL POC Act Now

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Forerunner 235 Firmware
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Integer Overflow Armv8 M Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Integer Overflow +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Integer Overflow +2
NVD
EPSS 2% CVSS 7.8
HIGH POC This Week

Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Sd820 Firmware +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow +14
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

u'Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow +29
NVD
EPSS 0% CVSS 7.8
HIGH This Week

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow +14
NVD
EPSS 0% CVSS 7.8
HIGH This Week

u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow +53
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Java Integer Overflow +1
NVD GitHub
Prev Page 17 of 31 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy