Total
3066 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-46483 | 1 Xlightftpd | 1 Xlight Ftp Server | 2024-10-23 | 9.8 Critical |
Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content. | ||||
CVE-2024-42643 | 1 Smartdns Project | 1 Smartdns | 2024-10-23 | 7.5 High |
Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access. | ||||
CVE-2024-47424 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-10-18 | 7.8 High |
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-41858 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-10-15 | 7.8 High |
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-47416 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | 7.8 High |
Animate versions 23.0.7, 24.0.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-20434 | 1 Cisco | 1 Ios Xe | 2024-10-08 | 4.3 Medium |
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be accessible through the console or CLI, and it would not respond to ping requests, SNMP requests, or requests from other control plane protocols. Traffic that is traversing the device through the data plane is not affected. A reload of the device is required to restore control plane services. | ||||
CVE-2024-44198 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-09-24 | 5.5 Medium |
An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
CVE-2023-45854 | 1 Shopkit Project | 1 Shopkit | 2024-09-20 | 7.5 High |
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function. | ||||
CVE-2024-44087 | 1 Siemens | 1 Automation License Manager | 2024-09-10 | 8.6 High |
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6.0 (All versions), Automation License Manager V6.2 (All versions < V6.2 Upd3). Affected applications do not properly validate certain fields in incoming network packets on port 4410/tcp. This could allow an unauthenticated remote attacker to cause an integer overflow and crash of the application. This denial of service condition could prevent legitimate users from using subsequent products that rely on the affected application for license verification. | ||||
CVE-2024-33035 | 1 Qualcomm | 84 Fastconnect 6200 Firmware, Fastconnect 6700 Firmware, Fastconnect 6800 Firmware and 81 more | 2024-09-05 | 8.4 High |
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients. | ||||
CVE-2024-28044 | 1 Openatom | 1 Openharmony | 2024-09-04 | 3.3 Low |
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow. | ||||
CVE-2024-7867 | 1 Xpdfreader | 1 Xpdf | 2024-08-28 | 6.2 Medium |
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero. | ||||
CVE-2024-30949 | 1 Newlib Project | 1 Newlib | 2024-08-21 | 9.8 Critical |
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function. | ||||
CVE-2024-41851 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-08-19 | 7.8 High |
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-21844 | 2024-08-16 | 4.3 Medium | ||
Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
CVE-2021-47581 | 2024-06-20 | 3.3 Low | ||
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
CVE-2023-2004 | 1 Redhat | 1 Openjdk | 2023-11-07 | 0.0 Low |
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
CVE-2022-3756 | 2023-11-07 | 8.8 High | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
CVE-2021-20248 | 2023-11-07 | 0.0 Low | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
CVE-2017-7286 | 2023-11-07 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none |