| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability. |
| An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability. |
| SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting in an out-of-bounds heap read that crashes the app. There are no published fixes at the time of publication. |
| No description is available for this CVE. |
| A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which allows an attacker to trigger a denial of service. A hard reset is required to recover the device. |
| The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations. |
| An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data. |
| GDI+ Remote Code Execution Vulnerability |
| Windows MapUrlToZone Denial of Service Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Windows Telephony Service Remote Code Execution Vulnerability |
| Windows Telephony Service Remote Code Execution Vulnerability |
| Microsoft Digest Authentication Remote Code Execution Vulnerability |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally. |
| Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. |
| Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally. |
| Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally. |
| Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. |
| Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally. |
