Filtered by CWE-190
Total 3066 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-46483 1 Xlightftpd 1 Xlight Ftp Server 2024-10-23 9.8 Critical
Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.
CVE-2024-42643 1 Smartdns Project 1 Smartdns 2024-10-23 7.5 High
Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.
CVE-2024-47424 2 Adobe, Microsoft 2 Framemaker, Windows 2024-10-18 7.8 High
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-41858 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2024-10-15 7.8 High
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-47416 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-10-10 7.8 High
Animate versions 23.0.7, 24.0.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20434 1 Cisco 1 Ios Xe 2024-10-08 4.3 Medium
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be accessible through the console or CLI, and it would not respond to ping requests, SNMP requests, or requests from other control plane protocols. Traffic that is traversing the device through the data plane is not affected. A reload of the device is required to restore control plane services.
CVE-2024-44198 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2024-09-24 5.5 Medium
An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2023-45854 1 Shopkit Project 1 Shopkit 2024-09-20 7.5 High
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function.
CVE-2024-44087 1 Siemens 1 Automation License Manager 2024-09-10 8.6 High
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6.0 (All versions), Automation License Manager V6.2 (All versions < V6.2 Upd3). Affected applications do not properly validate certain fields in incoming network packets on port 4410/tcp. This could allow an unauthenticated remote attacker to cause an integer overflow and crash of the application. This denial of service condition could prevent legitimate users from using subsequent products that rely on the affected application for license verification.
CVE-2024-33035 1 Qualcomm 84 Fastconnect 6200 Firmware, Fastconnect 6700 Firmware, Fastconnect 6800 Firmware and 81 more 2024-09-05 8.4 High
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.
CVE-2024-28044 1 Openatom 1 Openharmony 2024-09-04 3.3 Low
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
CVE-2024-7867 1 Xpdfreader 1 Xpdf 2024-08-28 6.2 Medium
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.
CVE-2024-30949 1 Newlib Project 1 Newlib 2024-08-21 9.8 Critical
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.
CVE-2024-41851 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-08-19 7.8 High
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-21844 2024-08-16 4.3 Medium
Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2021-47581 2024-06-20 3.3 Low
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2023-2004 1 Redhat 1 Openjdk 2023-11-07 0.0 Low
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2022-3756 2023-11-07 8.8 High
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2021-20248 2023-11-07 0.0 Low
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2017-7286 2023-11-07 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none