Skip to main content

Integer Overflow

2762 CVEs technique

Monthly

CVE-2017-16663 MEDIUM This Month

In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sam2P
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-2921 CRITICAL POC Act Now

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Denial Of Service Buffer Overflow Mongoose
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2017-2892 CRITICAL Act Now

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Information Disclosure Mongoose
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2017-1000121 CRITICAL PATCH Act Now

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Apple Buffer Overflow Webkitgtk
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-10954 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security Internet Security 2018 prior to build 7.72918. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Internet Security 2018
NVD
CVSS 3.0
8.8
EPSS
6.3%
CVE-2017-5063 HIGH This Week

A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome +3
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2017-15874 MEDIUM POC This Month

archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Busybox
NVD
CVSS 3.1
5.0
EPSS
0.3%
CVE-2017-15873 MEDIUM POC PATCH This Month

The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Busybox Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-15587 HIGH This Week

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Mupdf
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2888 HIGH POC This Week

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow Simple Directmedia Layer Ubuntu Linux +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2017-9683 HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Linux Buffer Overflow Google Integer Overflow Mozilla +1
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-14997 MEDIUM PATCH This Month

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Graphicsmagick Debian Linux
NVD
CVSS 3.0
6.5
EPSS
1.9%
CVE-2017-14496 HIGH POC PATCH THREAT Act Now

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

Integer Overflow Denial Of Service Ubuntu Linux Debian Linux Android +5
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
16.9%
CVE-2017-14861 MEDIUM POC This Month

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Exiv2
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-14796 HIGH POC This Week

The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libbpg
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2015-1537 HIGH POC PATCH This Week

Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2015-1526 MEDIUM POC This Month

The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-14745 HIGH PATCH This Week

The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Binutils
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-14636 CRITICAL Act Now

Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sam2P
NVD GitHub
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9282 CRITICAL Act Now

An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Visibroker
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9281 HIGH This Week

An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow Visibroker
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-8250 HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Linux Buffer Overflow Google Integer Overflow Qualcomm +1
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14630 CRITICAL POC Act Now

In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Sam2P
NVD GitHub
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-14629 HIGH POC This Week

In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Sam2P
NVD GitHub
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-9607 HIGH PATCH This Week

The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.0
EPSS
0.2%
CVE-2015-1527 HIGH POC PATCH This Week

Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Google Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-14333 HIGH This Week

The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Binutils
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-14167 HIGH PATCH This Week

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Buffer Overflow Qemu Debian Linux
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2017-14173 MEDIUM POC PATCH This Month

In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Imagemagick Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2017-2870 HIGH POC This Week

An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Gdk Pixbuf Debian Linux
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2017-14062 CRITICAL PATCH Act Now

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libidn2 Debian Linux
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2017-14061 CRITICAL PATCH Act Now

Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libidn2
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-14051 MEDIUM PATCH This Month

An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux Buffer Overflow Linux Kernel
NVD
CVSS 3.0
4.4
EPSS
0.1%
CVE-2016-10507 MEDIUM PATCH This Month

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Openjpeg
NVD GitHub
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-12797 MEDIUM This Month

Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow Mpg123
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2017-13666 MEDIUM POC This Month

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X265
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-5208 HIGH This Week

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Buffer Overflow Icoutils +7
NVD
CVSS 3.0
8.8
EPSS
1.3%
CVE-2017-8267 HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Linux Buffer Overflow Google Integer Overflow Qualcomm +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-8255 HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Linux Buffer Overflow Google Integer Overflow Qualcomm +1
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-10346 CRITICAL Act Now

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Linux Buffer Overflow Google Integer Overflow Qualcomm +1
NVD
CVSS 3.0
9.8
EPSS
0.1%
CVE-2017-12864 PyPI HIGH PATCH This Week

In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service Opencv Debian Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2017-12863 PyPI HIGH PATCH This Week

In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service Opencv Debian Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2014-0143 HIGH PATCH This Week

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in. Rated high severity (CVSS 7.0).

Integer Overflow Denial Of Service Buffer Overflow Enterprise Linux Qemu
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0729 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-2311 CRITICAL Act Now

Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Capnproto
NVD GitHub
CVSS 3.0
9.8
EPSS
1.0%
CVE-2015-2310 CRITICAL Act Now

Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Capnproto
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%
CVE-2017-12425 HIGH This Week

An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Varnish Varnish Cache
NVD GitHub
CVSS 3.0
7.5
EPSS
1.0%
CVE-2017-11757 CRITICAL POC Act Now

Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Microsoft Buffer Overflow Pervasive Psql +1
NVD
CVSS 3.0
9.8
EPSS
3.3%
CVE-2017-9835 HIGH POC This Week

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow Ghostscript Debian Linux
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-7542 MEDIUM PATCH This Month

The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-9765 HIGH POC This Week

Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow RCE Denial Of Service Buffer Overflow Gsoap
NVD
CVSS 3.0
8.1
EPSS
9.1%
CVE-2017-7529 HIGH Act Now

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 91.9% and no vendor patch available.

Integer Overflow Nginx Information Disclosure Puppet Enterprise Xcode
NVD
CVSS 3.1
7.5
EPSS
91.9%
Threat
4.3
CVE-2017-2820 HIGH POC This Week

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Poppler
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2017-0702 HIGH This Week

A remote code execution vulnerability in the Android system ui. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0691 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-10791 MEDIUM POC This Month

There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Pspp
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-9832 MEDIUM PATCH This Month

An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service Libmtp
NVD
CVSS 3.0
6.8
EPSS
0.2%
CVE-2017-9831 MEDIUM PATCH This Month

An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service Libmtp
NVD
CVSS 3.0
6.8
EPSS
0.2%
CVE-2017-9776 HIGH PATCH This Week

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow Poppler Debian Linux +6
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2017-2782 MEDIUM POC This Month

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Matrixssl
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2012-6706 CRITICAL POC Act Now

A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Sophos Buffer Overflow Threat Detection Engine +1
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2017-2813 HIGH This Week

An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Irfanview
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2017-7367 HIGH PATCH This Week

In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2014-9964 HIGH This Week

In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Google Linux Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-4913 HIGH This Week

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. Rated high severity (CVSS 7.8). No vendor patch available.

Integer Overflow Denial Of Service Microsoft VMware Horizon View +1
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-9005 HIGH PATCH This Week

In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2014-9944 HIGH PATCH This Week

In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-8782 MEDIUM POC This Month

The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libming
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-9214 CRITICAL PATCH Act Now

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Openvswitch Debian Linux Openstack +2
NVD
CVSS 3.1
9.8
EPSS
4.4%
CVE-2017-9200 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-9199 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9198 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9197 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9196 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9187 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9186 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9185 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9184 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9162 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:191:2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9161 CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2016-5735 HIGH POC PATCH This Week

Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Pngquant
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2015-1529 HIGH PATCH This Week

Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Google Android
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-8998 HIGH PATCH This Week

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-8995 HIGH PATCH This Week

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2014-9935 HIGH PATCH This Week

In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2014-9932 HIGH PATCH This Week

In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-6889 CRITICAL PATCH Act Now

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libraw Demosaic Pack Gpl2
NVD GitHub
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-8924 MEDIUM PATCH This Month

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Linux Information Disclosure Linux Kernel Debian Linux
NVD GitHub
CVSS 3.0
4.6
EPSS
0.1%
CVE-2017-0611 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Qualcomm Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0603 MEDIUM PATCH This Month

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Google Android
NVD
CVSS 3.0
4.7
EPSS
0.1%
EPSS 0% CVSS 5.5
MEDIUM This Month

In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sam2P
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Apple Buffer Overflow +1
NVD
EPSS 6% CVSS 8.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security Internet Security 2018 prior to build 7.72918. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Internet Security 2018
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +5
NVD
EPSS 0% CVSS 5.0
MEDIUM POC This Month

archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Busybox
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Busybox +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Mupdf
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Linux Buffer Overflow Google +3
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Graphicsmagick +1
NVD
EPSS 17% CVSS 7.5
HIGH POC PATCH THREAT Act Now

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

Integer Overflow Denial Of Service Ubuntu Linux +7
NVD Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Exiv2
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libbpg
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Google +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Binutils
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Sam2P
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Visibroker
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Linux Buffer Overflow Google +3
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Sam2P
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Sam2P
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Google Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Binutils
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Imagemagick +2
NVD GitHub
EPSS 2% CVSS 7.8
HIGH POC This Week

An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Gdk Pixbuf +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libidn2 +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libidn2
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Openjpeg
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X265
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service +9
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Linux Buffer Overflow Google +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Linux Buffer Overflow Google +3
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Linux Buffer Overflow Google +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service +2
NVD GitHub
EPSS 2% CVSS 8.8
HIGH PATCH This Week

In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in. Rated high severity (CVSS 7.0).

Integer Overflow Denial Of Service Buffer Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Google Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL Act Now

Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Capnproto
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Varnish +1
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Microsoft +3
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux +1
NVD GitHub
EPSS 9% CVSS 8.1
HIGH POC This Week

Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 92% 4.3 CVSS 7.5
HIGH Act Now

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 91.9% and no vendor patch available.

Integer Overflow Nginx Information Disclosure +2
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Poppler
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A remote code execution vulnerability in the Android system ui. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Google +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Google +1
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Pspp
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service +1
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow RCE Denial Of Service +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow +8
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Matrixssl
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Sophos +3
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Irfanview
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. Rated high severity (CVSS 7.8). No vendor patch available.

Integer Overflow Denial Of Service Microsoft +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libming
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Openvswitch +4
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:191:2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Autotrace
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Pngquant
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Google Linux +2
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libraw Demosaic Pack Gpl2
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Linux Information Disclosure +2
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Qualcomm +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Google +1
NVD
Prev Page 28 of 31 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy