Total
2995 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2566 | 1 Ffmpeg | 1 Ffmpeg | 2024-09-17 | 9 Critical |
| A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 | ||||
| CVE-2017-2902 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-09-17 | 7.8 High |
| An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2022-36402 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-09-17 | 6.3 Medium |
| An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | ||||
| CVE-2018-13078 | 1 Jitech Project | 1 Jitech | 2024-09-17 | N/A |
| The mintToken function of a smart contract implementation for Jitech (JTH), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2017-12081 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-09-17 | 7.8 High |
| An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | ||||
| CVE-2017-2906 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-09-17 | 7.8 High |
| An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. | ||||
| CVE-2018-13070 | 1 Encryptedtoken Project | 1 Encryptedtoken | 2024-09-17 | N/A |
| The mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2017-2717 | 1 Huawei | 2 Honor 8 Pro, Honor 8 Pro Firmware | 2024-09-17 | N/A |
| honor 8 Pro with software Duke-L09C10B120 and earlier versions,Duke-L09C432B120 and earlier versions,Duke-L09C636B120 and earlier versions has an integer overflow vulnerability. The attacker sends a response message to the device, which contains an illegal length field, it could produce an integer overflow and restart the modem system. | ||||
| CVE-2017-2838 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-09-17 | 5.9 Medium |
| An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | ||||
| CVE-2020-15707 | 8 Canonical, Debian, Gnu and 5 more | 19 Ubuntu Linux, Debian Linux, Grub2 and 16 more | 2024-09-17 | 5.7 Medium |
| Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. | ||||
| CVE-2018-13126 | 1 Moxy | 1 Moxyonepresale | 2024-09-17 | N/A |
| MoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | ||||
| CVE-2018-18928 | 1 Icu-project | 1 International Components For Unicode | 2024-09-17 | N/A |
| International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp. | ||||
| CVE-2017-8255 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot. | ||||
| CVE-2018-13328 | 1 Pfg Project | 1 Pfg | 2024-09-17 | 7.5 High |
| The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow. | ||||
| CVE-2021-27665 | 1 Johnsoncontrols | 1 Exacqvision Server | 2024-09-17 | 7.5 High |
| An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition. | ||||
| CVE-2018-13130 | 1 Bitotal | 1 Bitotal | 2024-09-17 | N/A |
| Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | ||||
| CVE-2017-2918 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-09-17 | 7.8 High |
| An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | ||||
| CVE-2017-4950 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2024-09-17 | N/A |
| VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default. | ||||
| CVE-2018-13084 | 1 Goodtimecoin Project | 1 Goodtimecoin | 2024-09-17 | 7.5 High |
| The mintToken function of a smart contract implementation for Good Time Coin (GTY), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2022-24107 | 1 Glyphandcog | 1 Xpdfreader | 2024-09-17 | 7.8 High |
| Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. | ||||