Total
2995 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9148 | 1 Qualcomm | 48 Mdm9625, Mdm9625 Firmware, Mdm9635m and 45 more | 2024-09-17 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 400, SD 425, SD 430, SD 450, SD 600, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, in the Diag User-PD command registration function, a length variable used during buffer allocation is not checked, so if it is very large, an integer overflow followed by a buffer overflow occurs. | ||||
| CVE-2017-12099 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-09-17 | 7.8 High |
| An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | ||||
| CVE-2017-17765 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to integer overflow leading to buffer overflow. | ||||
| CVE-2021-21036 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-17 | 7.8 High |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2017-14629 | 1 Sam2p Project | 1 Sam2p | 2024-09-17 | N/A |
| In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. | ||||
| CVE-2016-10475 | 1 Qualcomm | 32 Sd 205, Sd 205 Firmware, Sd 210 and 29 more | 2024-09-17 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, lack input validation may lead to a integer overflow that could potentially lead to a buffer overflow. | ||||
| CVE-2017-9198 | 1 Autotrace Project | 1 Autotrace | 2024-09-17 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18. | ||||
| CVE-2017-15325 | 1 Huawei | 10 Prague-al00a, Prague-al00a Firmware, Prague-al00b and 7 more | 2024-09-17 | N/A |
| The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. | ||||
| CVE-2018-5733 | 4 Canonical, Debian, Isc and 1 more | 9 Ubuntu Linux, Debian Linux, Dhcp and 6 more | 2024-09-17 | 7.5 High |
| A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0. | ||||
| CVE-2018-9473 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-65484460 | ||||
| CVE-2018-18650 | 1 Xpdfreader | 1 Xpdf | 2024-09-17 | N/A |
| An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. | ||||
| CVE-2017-14441 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2024-09-17 | 8.8 High |
| An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | ||||
| CVE-2015-9201 | 1 Qualcomm | 66 Mdm9206, Mdm9206 Firmware, Mdm9607 and 63 more | 2024-09-17 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, and SDX20, integer overflow in tzbsp can lead to privilege escalation. | ||||
| CVE-2020-10063 | 1 Zephyrproject | 1 Zephyr | 2024-09-17 | 6.8 Medium |
| A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to cause a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions. | ||||
| CVE-2018-13131 | 1 Spadepresale Project | 1 Spadepresale | 2024-09-17 | N/A |
| SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | ||||
| CVE-2017-14887 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of messages of type eWNI_SME_MODIFY_ADDITIONAL_IES, an integer overflow leading to heap buffer overflow may potentially occur. | ||||
| CVE-2018-1324 | 2 Apache, Oracle | 3 Commons Compress, Mysql Cluster, Weblogic Server | 2024-09-17 | 5.5 Medium |
| A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. | ||||
| CVE-2022-38784 | 4 Debian, Fedoraproject, Freedesktop and 1 more | 4 Debian Linux, Fedora, Poppler and 1 more | 2024-09-17 | 7.8 High |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | ||||
| CVE-2018-3586 | 1 Google | 1 Android | 2024-09-17 | N/A |
| An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | ||||
| CVE-2017-0841 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A remote code execution vulnerability in the Android system (libutils). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37723026. | ||||