Skip to main content

Integer Overflow

2762 CVEs technique

Monthly

CVE-2019-5040 HIGH POC This Week

An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Openweave Core Nest Cam Iq Indoor Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2019-5037 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Buffer Overflow Nest Cam Iq Indoor Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2019-2134 HIGH This Week

In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-14973 MEDIUM PATCH This Month

_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow Libtiff Debian Linux Fedora +1
NVD
CVSS 3.1
6.5
EPSS
4.2%
CVE-2019-14982 MEDIUM POC PATCH This Month

In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Exiv2
NVD GitHub
CVSS 3.0
6.5
EPSS
2.0%
CVE-2019-13104 HIGH PATCH CISA Act Now

In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure U Boot Leap
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14523 HIGH POC This Week

An issue was discovered in Schism Tracker through 20190722. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Schism Tracker
NVD GitHub
CVSS 3.1
7.8
EPSS
1.2%
CVE-2019-14459 HIGH POC PATCH This Week

nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Nfdump Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.7%
CVE-2019-5060 HIGH POC This Week

An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Sdl2 Image Backports Sle Leap
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2019-5059 HIGH This Week

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Sdl2 Image Backports Sle Leap
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2019-14199 CRITICAL CISA Emergency

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure U Boot
NVD
CVSS 3.0
9.8
EPSS
0.5%
Threat
4.0
CVE-2019-14192 CRITICAL CISA Emergency

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure U Boot
NVD
CVSS 3.0
9.8
EPSS
0.3%
Threat
4.0
CVE-2019-5459 HIGH POC This Week

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Vlc Media Player Backports Sle Backports +1
NVD
CVSS 3.1
7.1
EPSS
2.8%
CVE-2019-14444 MEDIUM POC This Month

apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils Leap Ubuntu Linux +2
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2019-13126 Go HIGH PATCH This Week

An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow Nats Server
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-14295 MEDIUM POC This Month

An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Upx
NVD GitHub
CVSS 3.0
5.5
EPSS
1.5%
CVE-2019-14289 MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
CVE-2019-14288 HIGH POC This Week

An issue was discovered in Xpdf 4.01.01. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Xpdfreader
NVD GitHub
CVSS 3.0
7.8
EPSS
1.0%
CVE-2019-2309 CRITICAL PATCH Act Now

While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Buffer Overflow Mdm9150 Firmware Mdm9206 Firmware +22
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2019-14250 MEDIUM POC This Month

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils Ubuntu Linux Leap
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2019-12552 MEDIUM POC This Month

In SweetScape 010 Editor 9.0.1, an integer overflow during the initialization of variables could allow an attacker to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow 010 Editor
NVD GitHub
CVSS 3.0
5.5
EPSS
1.5%
CVE-2019-9959 MEDIUM This Month

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Poppler Debian Linux Fedora +4
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2019-1010249 MEDIUM POC This Month

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java Integer Overflow Buffer Overflow Open Network Operating System
NVD
CVSS 3.0
4.9
EPSS
1.1%
CVE-2019-1010065 MEDIUM PATCH This Month

The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow The Sleuth Kit Fedora Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-1010298 CRITICAL PATCH Act Now

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow RCE Op Tee
NVD GitHub VulDB
CVSS 3.0
9.8
EPSS
5.5%
CVE-2019-1010297 CRITICAL PATCH Act Now

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Op Tee
NVD GitHub VulDB
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-1010296 CRITICAL PATCH Act Now

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow RCE Op Tee
NVD GitHub VulDB
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-1010006 HIGH POC This Week

Evince 3.26.0 is affected by buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow Evince Ubuntu Linux +2
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2019-13602 HIGH This Week

An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Buffer Overflow Vlc Media Player Debian Linux +3
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2019-13590 MEDIUM POC This Month

An issue was discovered in libsox.a in SoX 14.4.2. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Sound Exchange
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2019-5052 HIGH POC This Week

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow Sdl2 Image Debian Linux +3
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2019-13136 HIGH POC PATCH This Week

ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Imagemagick
NVD GitHub
CVSS 3.0
7.8
EPSS
1.5%
CVE-2019-13111 MEDIUM POC PATCH This Month

A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Exiv2 Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2019-13109 MEDIUM POC PATCH This Month

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Exiv2 Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
1.6%
CVE-2019-13108 MEDIUM POC This Month

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Exiv2 Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-13107 CRITICAL PATCH Act Now

Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Matio Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2019-13049 HIGH POC This Week

An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 allows users to map arbitrary kernel pages into userland process space via TOARU_SYS_FUNC_MMAP, leading to escalation of privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Integer Overflow Toaruos
NVD GitHub
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-13048 MEDIUM POC This Month

kernel/sys/syscall.c in ToaruOS through 1.10.9 allows a denial of service upon a critical error in certain sys_sbrk allocation patterns (involving PAGE_SIZE, and a value less than PAGE_SIZE). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Toaruos
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-5829 HIGH This Week

Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow Chrome Backports +3
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2019-5827 HIGH POC PATCH This Week

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Integer Overflow Buffer Overflow Chrome Backports +4
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2019-5821 HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow Chrome Backports +3
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2019-5820 HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow Chrome Backports +3
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2019-5806 HIGH This Week

Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Microsoft Buffer Overflow Chrome +4
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2019-12980 MEDIUM PATCH This Month

In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libming
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-1628 MEDIUM This Month

A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Cisco Buffer Overflow Integrated Management Controller +1
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-2007 CRITICAL Act Now

In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is a possible out-of-bounds write due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2019-6114 HIGH POC This Week

An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Paintshop Pro 2019
NVD GitHub
CVSS 3.0
8.8
EPSS
2.6%
CVE-2019-11477 HIGH PATCH This Week

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow Linux Linux Kernel Big Ip Advanced Firewall Manager +22
NVD GitHub
CVSS 3.1
7.5
EPSS
98.7%
CVE-2019-3946 HIGH POC This Week

Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of service via a crafted UDP message sent to port 8005. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow V Server
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2019-9755 HIGH This Week

An integer underflow issue exists in ntfs-3g 2017.3.23. Rated high severity (CVSS 7.0). No vendor patch available.

Integer Overflow RCE Buffer Overflow Ntfs 3G Enterprise Linux +4
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2019-6753 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Foxit Reader Phantompdf
NVD
CVSS 3.1
5.5
EPSS
10.7%
CVE-2019-9865 HIGH This Week

When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Integer Overflow RCE Vxworks
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2019-7030 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2019-2245 CRITICAL PATCH Act Now

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware +39
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2019-2244 CRITICAL Act Now

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware +39
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2019-5795 HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow Chrome Backports +1
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2019-5792 HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow Chrome Backports +1
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2019-5790 HIGH This Week

An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Chrome Backports +1
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2019-5789 HIGH POC This Week

An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Microsoft RCE Chrome +2
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
7.3%
CVE-2019-5788 HIGH POC This Week

An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Chrome Backports +1
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
7.2%
CVE-2019-12247 HIGH PATCH This Week

QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Qemu
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2019-11878 MEDIUM POC This Month

An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 cameras. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Besder Ip20H1 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-2046 CRITICAL Act Now

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2019-9139 HIGH This Week

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Daviewindy
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-9138 HIGH This Week

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PhotoShop file that is mishandled by Daview.exe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Daviewindy
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-9137 HIGH This Week

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed Image file that is mishandled by Daview.exe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Daviewindy
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-2723 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2019-2034 HIGH PATCH This Week

In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Integer Overflow Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-11072 CRITICAL POC PATCH THREAT Act Now

lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Lighttpd
NVD GitHub
CVSS 3.0
9.8
EPSS
73.8%
CVE-2019-9133 MEDIUM This Month

When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Kmplayer Fedora
NVD
CVSS 3.1
5.5
EPSS
1.7%
CVE-2019-0694 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0693 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0692 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0689 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0682 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0639 NuGet HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Buffer Overflow Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
12.0%
CVE-2019-10877 CRITICAL PATCH Act Now

In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Teeworlds
NVD GitHub
CVSS 3.0
9.8
EPSS
2.2%
CVE-2019-10879 CRITICAL POC Act Now

In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow Teeworlds
NVD GitHub
CVSS 3.0
9.8
EPSS
5.0%
CVE-2019-7251 MEDIUM PATCH This Month

An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Denial Of Service Integer Overflow Asterisk
NVD
CVSS 3.0
6.5
EPSS
3.8%
CVE-2019-3857 HIGH PATCH This Week

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libssh2 Debian Linux Ontap Select Deploy Administration Utility +10
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2019-3856 HIGH PATCH This Week

An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libssh2 Debian Linux Ontap Select Deploy Administration Utility +10
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2019-3863 HIGH PATCH This Week

A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Libssh2 Debian Linux Ontap Select Deploy Administration Utility +7
NVD
CVSS 3.0
8.8
EPSS
3.4%
CVE-2019-3855 HIGH PATCH This Week

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libssh2 Fedora Debian Linux +11
NVD
CVSS 3.1
8.8
EPSS
9.2%
CVE-2019-1993 HIGH This Week

In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-9112 MEDIUM This Month

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Xiaomi Perseus P Oss
NVD GitHub
CVSS 3.0
5.5
EPSS
0.8%
CVE-2019-9111 MEDIUM This Month

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Xiaomi Perseus P Oss
NVD GitHub
CVSS 3.0
5.5
EPSS
0.8%
CVE-2019-8355 MEDIUM This Month

An issue was discovered in SoX 14.4.2. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sound Exchange
NVD
CVSS 3.0
5.5
EPSS
1.7%
CVE-2019-8354 MEDIUM This Month

An issue was discovered in SoX 14.4.2. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sound Exchange Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.0
EPSS
1.6%
CVE-2019-7733 HIGH POC This Week

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Streaming Media
NVD GitHub
CVSS 3.0
7.5
EPSS
1.6%
CVE-2019-6983 MEDIUM This Month

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow 3D
NVD
CVSS 3.0
6.5
EPSS
1.1%
EPSS 1% CVSS 7.5
HIGH POC This Week

An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Openweave Core +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Buffer Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation +2
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow Libtiff +3
NVD
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Exiv2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH Act Now

In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure U Boot +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in Schism Tracker through 20190722. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Schism Tracker
NVD GitHub
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Nfdump +2
NVD GitHub
EPSS 4% CVSS 8.8
HIGH POC This Week

An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Sdl2 Image +2
NVD
EPSS 4% CVSS 8.8
HIGH This Week

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Sdl2 Image +2
NVD
EPSS 1% 4.0 CVSS 9.8
CRITICAL Emergency

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure U Boot
NVD
EPSS 0% 4.0 CVSS 9.8
CRITICAL Emergency

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure U Boot
NVD
EPSS 3% CVSS 7.1
HIGH POC This Week

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Vlc Media Player +3
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils +4
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow Nats Server
NVD GitHub VulDB
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Upx
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Xpdfreader
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in Xpdf 4.01.01. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Xpdfreader
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Buffer Overflow +24
NVD
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils +2
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In SweetScape 010 Editor 9.0.1, an integer overflow during the initialization of variables could allow an attacker to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow 010 Editor
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM This Month

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Poppler +6
NVD
EPSS 1% CVSS 4.9
MEDIUM POC This Month

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java Integer Overflow Buffer Overflow +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow The Sleuth Kit +2
NVD GitHub
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow RCE +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Op Tee
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow RCE +1
NVD GitHub VulDB
EPSS 2% CVSS 7.8
HIGH POC This Week

Evince 3.26.0 is affected by buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow +4
NVD
EPSS 2% CVSS 7.8
HIGH This Week

An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Buffer Overflow +5
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in libsox.a in SoX 14.4.2. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Sound Exchange
NVD
EPSS 5% CVSS 8.8
HIGH POC This Week

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Imagemagick
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Exiv2 +1
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Exiv2 +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Exiv2 +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Matio +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 allows users to map arbitrary kernel pages into userland process space via TOARU_SYS_FUNC_MMAP, leading to escalation of privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Integer Overflow Toaruos
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

kernel/sys/syscall.c in ToaruOS through 1.10.9 allows a denial of service upon a critical error in certain sys_sbrk allocation patterns (involving PAGE_SIZE, and a value less than PAGE_SIZE). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Toaruos
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow +5
NVD
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Integer Overflow Buffer Overflow +6
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow +5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow +5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Microsoft +6
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libming
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Cisco +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is a possible out-of-bounds write due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation +2
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Paintshop Pro 2019
NVD GitHub
EPSS 99% CVSS 7.5
HIGH PATCH This Week

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Integer Overflow Linux +24
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of service via a crafted UDP message sent to port 8005. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow V Server
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An integer underflow issue exists in ntfs-3g 2017.3.23. Rated high severity (CVSS 7.0). No vendor patch available.

Integer Overflow RCE Buffer Overflow +6
NVD
EPSS 11% CVSS 5.5
MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Foxit Reader +1
NVD
EPSS 2% CVSS 8.1
HIGH This Week

When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Integer Overflow RCE +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Adobe +2
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Information Disclosure +41
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Information Disclosure +41
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Buffer Overflow +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE +3
NVD
EPSS 7% CVSS 8.8
HIGH POC This Week

An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow Microsoft +4
NVD Exploit-DB
EPSS 7% CVSS 8.8
HIGH POC This Week

An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE +3
NVD Exploit-DB
EPSS 3% CVSS 7.5
HIGH PATCH This Week

QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Qemu
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 cameras. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Besder Ip20H1 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Daviewindy
NVD
EPSS 1% CVSS 7.8
HIGH This Week

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PhotoShop file that is mishandled by Daview.exe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Daviewindy
NVD
EPSS 1% CVSS 7.8
HIGH This Week

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed Image file that is mishandled by Daview.exe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Daviewindy
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Integer Overflow Privilege Escalation +2
NVD
EPSS 74% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Lighttpd
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM This Month

When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Kmplayer +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 12% CVSS 7.5
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Buffer Overflow +1
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Teeworlds
NVD GitHub
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow +1
NVD GitHub
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Denial Of Service Integer Overflow Asterisk
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Week

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libssh2 +12
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Week

An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libssh2 +12
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Libssh2 +9
NVD
EPSS 9% CVSS 8.8
HIGH PATCH This Week

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libssh2 +13
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation +2
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Xiaomi Perseus P Oss
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM This Month

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Xiaomi Perseus P Oss
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM This Month

An issue was discovered in SoX 14.4.2. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sound Exchange
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

An issue was discovered in SoX 14.4.2. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sound Exchange +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Streaming Media
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow 3D
NVD
Prev Page 20 of 31 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy