Total
2995 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7860 | 2 Linux, Unegg Project | 2 Linux Kernel, Unegg | 2024-09-16 | 7.8 High |
| UnEGG v0.5 and eariler versions have a Integer overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by UnEGG. Attackers could exploit this and arbitrary code execution. This issue affects: Estsoft UnEGG 0.5 versions prior to 1.0 on linux. | ||||
| CVE-2017-9184 | 1 Autotrace Project | 1 Autotrace | 2024-09-16 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7. | ||||
| CVE-2017-2901 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-09-16 | 7.8 High |
| An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2018-14084 | 1 Myadvancedtoken Project | 1 Myadvancedtoken | 2024-09-16 | 9.8 Critical |
| An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell(). | ||||
| CVE-2017-12086 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-09-16 | 7.8 High |
| An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. | ||||
| CVE-2017-0729 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37710346. | ||||
| CVE-2018-13091 | 1 Sumocoin Project | 1 Sumocoin | 2024-09-16 | N/A |
| The mintToken function of a smart contract implementation for sumocoin (SUMO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2017-8275 | 1 Qualcomm | 28 Sd 205, Sd 205 Firmware, Sd 210 and 25 more | 2024-09-16 | N/A |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 835, an integer overflow vulnerability exists in a video library. | ||||
| CVE-2017-9185 | 1 Autotrace Project | 1 Autotrace | 2024-09-16 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7. | ||||
| CVE-2018-13083 | 1 Plazatoken Project | 1 Plazatoken | 2024-09-16 | 7.5 High |
| The mintToken function of a smart contract implementation for Plaza Token (PLAZA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2018-18206 | 1 Bytom | 1 Bytom | 2024-09-16 | N/A |
| In the client in Bytom before 1.0.6, checkTopicRegister in p2p/discover/net.go does not prevent negative idx values, leading to a crash. | ||||
| CVE-2018-13068 | 1 Azuriontoken Project | 1 Azuriontoken | 2024-09-16 | N/A |
| The mintToken function of a smart contract implementation for AzurionToken (AZU), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2018-13076 | 1 Betcash Project | 1 Betcash | 2024-09-16 | N/A |
| The mintToken function of a smart contract implementation for Betcash (BC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2017-0869 | 1 Google | 1 Android | 2024-09-16 | N/A |
| NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. This issue is rated as high. Version: N/A. Android ID: A-37776156. References: N-CVE-2017-0869. | ||||
| CVE-2017-7529 | 4 Apple, F5, Puppet and 1 more | 4 Xcode, Nginx, Puppet Enterprise and 1 more | 2024-09-16 | 7.5 High |
| Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. | ||||
| CVE-2016-10377 | 1 Openvswitch | 1 Openvswitch | 2024-09-16 | N/A |
| In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch. | ||||
| CVE-2018-9363 | 5 Canonical, Debian, Google and 2 more | 6 Ubuntu Linux, Debian Linux, Android and 3 more | 2024-09-16 | 8.4 High |
| In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel. | ||||
| CVE-2017-17766 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow. | ||||
| CVE-2017-3738 | 4 Debian, Nodejs, Openssl and 1 more | 5 Debian Linux, Node.js, Openssl and 2 more | 2024-09-16 | 5.9 Medium |
| There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. | ||||
| CVE-2018-3577 | 1 Google | 1 Android | 2024-09-16 | N/A |
| While processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | ||||