Skip to main content

Integer Overflow

2762 CVEs technique

Monthly

CVE-2017-0597 HIGH PATCH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-8911 CRITICAL PATCH Act Now

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Tnef
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8906 MEDIUM POC This Month

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X265 High Efficiency Video Coding
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-5051 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5050 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5049 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5048 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5047 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5037 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2017-3599 HIGH POC PATCH THREAT Act Now

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 87.3%.

Integer Overflow Denial Of Service Oracle MySQL
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
87.3%
Threat
5.6
CVE-2016-6916 HIGH This Week

Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Google Integer Overflow Nvidia +4
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-2347 HIGH POC PATCH This Week

Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Leap Opensuse Debian Linux +1
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-5762 CRITICAL Act Now

Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Buffer Overflow Groupwise
NVD
CVSS 3.0
9.8
EPSS
8.4%
CVE-2017-7982 MEDIUM This Month

Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Libplist
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-7976 HIGH This Week

Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Jbig2Dec
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2017-7975 HIGH This Week

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Jbig2Dec
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-7948 HIGH POC This Week

Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow Ghostscript
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-7885 HIGH This Week

Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Jbig2Dec
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2017-3034 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
3.0%
CVE-2017-3011 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2017-7603 HIGH POC This Week

au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libaacplus
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2017-7602 HIGH POC This Week

LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libtiff
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0576 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow RCE Qualcomm Google Linux Kernel
NVD GitHub
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0553 HIGH This Week

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow RCE Google Android
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2016-10319 MEDIUM PATCH This Month

In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow Buffer Overflow Arm Trusted Firmware
NVD GitHub
CVSS 3.0
5.9
EPSS
0.4%
CVE-2016-8795 MEDIUM This Month

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow Huawei Buffer Overflow Cloudengine 5800 Firmware Cloudengine 6800 Firmware +4
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2016-6177 MEDIUM This Month

The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Huawei Buffer Overflow Oceanstor 5800 V3 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-2440 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Apple Denial Of Service Iphone Os +3
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-7395 MEDIUM PATCH This Month

In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Denial Of Service Tigervnc
NVD GitHub
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-7294 HIGH PATCH This Week

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Linux Buffer Overflow Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2016-9123 Go HIGH PATCH GHSA This Week

go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Go Jose
NVD GitHub
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-5931 HIGH PATCH This Week

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Denial Of Service Buffer Overflow Qemu
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2016-10268 HIGH PATCH This Week

tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libtiff
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-9557 MEDIUM PATCH This Month

Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Jasper
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-9387 HIGH PATCH This Week

Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Jasper
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2016-9262 MEDIUM PATCH This Month

Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Jasper
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-6839 MEDIUM PATCH This Month

Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Audiofile
NVD GitHub
CVSS 3.0
5.5
EPSS
5.8%
CVE-2017-6838 MEDIUM PATCH This Month

Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Audiofile
NVD GitHub
CVSS 3.0
5.5
EPSS
5.8%
CVE-2015-8983 HIGH PATCH This Week

Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service Buffer Overflow Glibc
NVD
CVSS 3.0
8.1
EPSS
0.5%
CVE-2015-4645 MEDIUM This Month

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow Squashfs Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2017-6962 HIGH This Week

An issue was discovered in apng2gif 1.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apng2Gif
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-6960 HIGH This Week

An issue was discovered in apng2gif 1.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apng2Gif Debian Linux Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2017-0104 HIGH PATCH Act Now

The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 34.9%.

Integer Overflow Microsoft Buffer Overflow Windows Server 2008 Windows Server 2012 +1
NVD
CVSS 3.0
8.1
EPSS
34.9%
CVE-2017-6952 PyPI HIGH PATCH This Week

Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow Capstone
NVD GitHub
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5898 MEDIUM PATCH This Month

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Qemu Linux Enterprise Desktop Linux Enterprise Server +2
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2015-8982 HIGH PATCH This Week

Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service Buffer Overflow Glibc
NVD
CVSS 3.0
8.1
EPSS
1.3%
CVE-2015-8895 HIGH PATCH This Week

Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow Imagemagick
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2016-10168 HIGH PATCH This Week

Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libgd
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2016-10166 CRITICAL PATCH Act Now

Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Libgd
NVD GitHub
CVSS 3.0
9.8
EPSS
8.3%
CVE-2016-10251 HIGH POC PATCH This Week

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Jasper
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-10249 HIGH POC PATCH This Week

Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Jasper
NVD GitHub
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-6355 MEDIUM PATCH This Month

Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Virglrenderer
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-6313 HIGH POC PATCH This Week

Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Buffer Overflow Gdk Pixbuf Fedora +1
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2017-6312 MEDIUM POC This Month

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow Gdk Pixbuf Fedora +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2017-0521 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Qualcomm Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0307 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-6522 MEDIUM POC PATCH This Month

Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Openbsd
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-6241 HIGH POC This Week

Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Openbsd
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5853 HIGH This Week

Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Podofo
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-5501 MEDIUM POC This Month

Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Jasper
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-5499 MEDIUM POC This Month

Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Jasper
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2016-9824 MEDIUM POC This Month

Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libav
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-9822 MEDIUM POC This Month

Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libav
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-9821 MEDIUM POC This Month

Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libav
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-5885 CRITICAL POC PATCH Act Now

Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Denial Of Service Buffer Overflow Fedora +1
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2016-9558 CRITICAL POC PATCH Act Now

(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Libdwarf
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2016-8389 HIGH POC This Week

An exploitable integer-overflow vulnerability exists within Iceni Argus. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Argus
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2017-6350 CRITICAL PATCH Act Now

An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Vim
NVD GitHub
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-6349 CRITICAL PATCH Act Now

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Vim
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
CVE-2016-4490 MEDIUM This Month

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Libiberty
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2016-4489 MEDIUM This Month

Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Libiberty
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-6308 HIGH PATCH This Week

An issue was discovered in tnef before 1.4.13. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Tnef Debian Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-6303 HIGH PATCH This Week

An issue was discovered in ytnef before 1.9.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Ytnef Debian Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-6302 HIGH PATCH This Week

An issue was discovered in ytnef before 1.9.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Ytnef Debian Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2016-8636 HIGH PATCH This Week

Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2016-7511 MEDIUM PATCH This Month

Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libdwarf
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-6872 CRITICAL PATCH Act Now

Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Hhvm
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2016-6871 CRITICAL PATCH Act Now

Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Hhvm
NVD GitHub
CVSS 3.0
9.8
EPSS
0.5%
CVE-2016-6252 HIGH PATCH This Week

Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Shadow
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0309 HIGH This Week

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where multiple integer overflows may cause improper memory allocation leading to a denial of service. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Nvidia Gpu Driver
NVD
CVSS 3.0
8.8
EPSS
0.0%
CVE-2016-1889 HIGH This Week

Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Freebsd
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-2987 HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Adobe Flash Player Flash Player Desktop Runtime
NVD
CVSS 3.1
8.8
EPSS
7.3%
CVE-2016-8859 CRITICAL Act Now

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Musl
NVD
CVSS 3.0
9.8
EPSS
0.8%
CVE-2017-5953 CRITICAL PATCH Act Now

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Vim
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
CVE-2016-2147 HIGH POC PATCH This Week

Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Busybox Debian Linux Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
8.3%
CVE-2017-0410 HIGH This Week

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-7599 HIGH This Week

Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow RCE Denial Of Service Vxworks
NVD
CVSS 3.0
8.1
EPSS
8.2%
CVE-2017-5576 HIGH PATCH This Week

Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2016-9108 HIGH This Week

Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Fedora Mujs
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2016-9085 LOW PATCH Monitor

Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Libwebp Fedora
NVD
CVSS 3.1
3.3
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Google +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Tnef
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X265 High Efficiency Video Coding
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +6
NVD
EPSS 87% 5.6 CVSS 7.5
HIGH POC PATCH THREAT Act Now

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 87.3%.

Integer Overflow Denial Of Service Oracle +1
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Google +6
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Leap +3
NVD GitHub
EPSS 8% CVSS 9.8
CRITICAL Act Now

Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Libplist
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Jbig2Dec
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service +1
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Jbig2Dec
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Adobe +4
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Adobe +4
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libaacplus
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libtiff
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow RCE Qualcomm +2
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Week

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow RCE Google +1
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow Buffer Overflow Arm Trusted Firmware
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM This Month

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow Huawei Buffer Overflow +6
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Huawei Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Apple +5
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Denial Of Service Tigervnc
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Linux +2
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Go Jose
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libtiff
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Jasper
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Jasper
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Jasper
NVD GitHub
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Audiofile
NVD GitHub
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Audiofile
NVD GitHub
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in apng2gif 1.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apng2Gif
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in apng2gif 1.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apng2Gif +2
NVD
EPSS 35% CVSS 8.1
HIGH PATCH Act Now

The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 34.9%.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Qemu +4
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Libgd
NVD GitHub
EPSS 8% CVSS 9.8
CRITICAL PATCH Act Now

Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Libgd
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Jasper
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Jasper
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Virglrenderer
NVD
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Buffer Overflow +3
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Qualcomm +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Nvidia +2
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Openbsd
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Openbsd
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Podofo
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Jasper
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Jasper
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libav
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libav
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libav
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Denial Of Service +3
NVD
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Libdwarf
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

An exploitable integer-overflow vulnerability exists within Iceni Argus. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Argus
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Vim
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Vim
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM This Month

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Libiberty
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Libiberty
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in tnef before 1.4.13. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Tnef +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in ytnef before 1.9.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Ytnef +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in ytnef before 1.9.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Ytnef +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux +2
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libdwarf
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Hhvm
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Hhvm
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Shadow
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where multiple integer overflows may cause improper memory allocation leading to a denial of service. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Nvidia +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Freebsd
NVD
EPSS 7% CVSS 8.8
HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Adobe +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Musl
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Vim
NVD GitHub
EPSS 8% CVSS 7.5
HIGH POC PATCH This Week

Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Busybox +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Google +1
NVD
EPSS 8% CVSS 8.1
HIGH This Week

Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow RCE Denial Of Service +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Fedora +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Libwebp +1
NVD
Prev Page 29 of 31 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy