Total
2826 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24857 | 1 Linux | 1 Linux Kernel | 2025-02-13 | N/A | 4.6 MEDIUM |
| A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. | |||||
| CVE-2024-1580 | 3 Apple, Fedoraproject, Videolan | 7 Ipados, Iphone Os, Macos and 4 more | 2025-02-13 | N/A | 5.9 MEDIUM |
| An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d. | |||||
| CVE-2023-46246 | 1 Vim | 1 Vim | 2025-02-13 | N/A | 4.0 MEDIUM |
| Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. | |||||
| CVE-2023-43826 | 1 Apache | 1 Guacamole | 2025-02-13 | N/A | 7.5 HIGH |
| Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.5.4, which fixes this issue. | |||||
| CVE-2023-28613 | 1 Samsung | 6 Exynos 1280, Exynos 1280 Firmware, Exynos 2200 and 3 more | 2025-02-13 | N/A | 6.8 MEDIUM |
| An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments. | |||||
| CVE-2022-25147 | 1 Apache | 1 Portable Runtime Utility | 2025-02-13 | N/A | 6.5 MEDIUM |
| Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. | |||||
| CVE-2023-20663 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-02-13 | N/A | 6.7 MEDIUM |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741. | |||||
| CVE-2023-24537 | 1 Golang | 1 Go | 2025-02-12 | N/A | 7.5 HIGH |
| Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. | |||||
| CVE-2023-20682 | 4 Google, Linux, Mediatek and 1 more | 44 Android, Linux Kernel, Mt5221 and 41 more | 2025-02-12 | N/A | 6.7 MEDIUM |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605. | |||||
| CVE-2023-20507 | 2025-02-11 | N/A | 2.3 LOW | ||
| An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity. | |||||
| CVE-2025-0302 | 1 Openatom | 1 Openharmony | 2025-02-11 | N/A | 5.5 MEDIUM |
| in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow. | |||||
| CVE-2023-26065 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2025-02-11 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 have an Integer Overflow. | |||||
| CVE-2023-6780 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2025-02-07 | N/A | 5.3 MEDIUM |
| An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer. | |||||
| CVE-2022-48468 | 1 Protobuf-c Project | 1 Protobuf-c | 2025-02-07 | N/A | 5.5 MEDIUM |
| protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. | |||||
| CVE-2023-27913 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2025-02-06 | N/A | 7.8 HIGH |
| A maliciously crafted X_B file when parsed through AutodeskĀ® AutoCADĀ® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2021-0880 | 1 Google | 1 Android | 2025-02-06 | N/A | 7.8 HIGH |
| In PVRSRVBridgeRGXKickTA3D of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396792 | |||||
| CVE-2021-0879 | 1 Google | 1 Android | 2025-02-06 | N/A | 7.8 HIGH |
| In PVRSRVBridgeRGXTDMSubmitTransfer of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270397970 | |||||
| CVE-2021-0878 | 1 Google | 1 Android | 2025-02-06 | N/A | 7.8 HIGH |
| In PVRSRVBridgeServerSyncGetStatus of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270399153 | |||||
| CVE-2024-13614 | 2025-02-06 | N/A | 5.3 MEDIUM | ||
| Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel memory buffer. The fix was installed automatically for all Kaspersky Endpoint products. | |||||
| CVE-2021-33797 | 1 Artifex | 1 Mujs | 2025-02-06 | N/A | 9.8 CRITICAL |
| Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d. | |||||