CWE:
 

Topic
Date
Author
High
Xen xen-netback xenvif_set_hash_mapping Integer Overflow
17.08.2018
Felix Wilhelm
High
Google Chrome Swiftshader Texture Allocation Integer Overflow
24.07.2018
Google Security Resear...
Med.
Chrome V8 PropertyArray Integer Overflow
27.02.2018
Google Security Resear...
Med.
Artifex MuJS 1.0.2 Integer Overflow
29.01.2018
Andrea Sindoni
High
Microsoft Edge Chakra chakra!Js::GlobalObject Integer Overflow
22.08.2017
Ker Team
Med.
Microsoft Windows 8.1 (x64) RGNOBJ Integer Overflow MS16-098
09.08.2017
Saif
Med.
MySQL 5.6.35 / 5.7.17 Integer Overflow
02.05.2017
Rodrigo Marcos
Med.
tnef 1.4.12 OOB Read / Write / Type Confusions / Integer Overflows
24.02.2017
X41
Med.
Microsoft Windows 8.1 (x64) RGNOBJ Integer Overflow
12.01.2017
Saif
Med.
Android Stagefright MP4 tx3g Integer Overflow
27.09.2016
jduck
Med.
libquicktime 1.2.4 Integer Overflow
24.02.2016
Marco Romano
Med.
Python 2.7 check_multiply_size() Integer Overflow
03.11.2015
John Leitch
Med.
Python 2.7 strop.replace() Integer Overflow
03.11.2015
John Leitch
Med.
.NET Framework Integer Overflow
29.07.2015
Yorick Koster
Med.
ICU Heap / Integer Overflows
06.05.2015
Pedro Ribeiro
High
Adobe Flash Player copyPixelsToByteArray Integer Overflow
20.04.2015
Juan vazquez
Med.
Hancom Office Hwp 2014 Integer Overflow
15.04.2015
Daniel Regalado
High
Adobe Flash Player casi32 Integer Overflow
11.04.2015
Juan Vazquez
Med.
Libtiff 4.0.3 Integer Overflow
24.12.2014
Project Zero Labs
High
glibc 2.12 vfprintf function Multiple Vulnerabilities
20.06.2014
Multiple
Med.
PostgreSQL 8.4.1 Denial Of Service Integer Overflow
15.06.2014
Bernt Marius Johnsen
High
Microsoft Tagged Image File Format (TIFF) Integer Overflow
28.11.2013
sinn3r
High
IJG jpeg6b / libjpeg-turbo Uninitialized Memory
13.11.2013
Michal Zalewski
Med.
Apple Motion 5.0.7 Integer Overflow
08.10.2013
Jean Pascal Pereira
High
Code Sector TeraCopy 2.3 Integer Overflow
19.09.2013
Gjoko 'LiquidWorm' Krs...
High
nginx 1.3.9 / 1.4.0 x86 Brute Force Remote Exploit Description
25.07.2013
kingcope
High
Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
13.06.2013
Nicolas Joly
High
Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow
23.05.2013
Nicolas Joly
High
nginx ngx_http_close_connection() Integer Overflow
26.04.2013
Safe3
Med.
Linux Kernel i915 driver in the Direct Rendering Manager Integer Overflow
21.03.2013
Kees Cook
Med.
QlikView Desktop Client 11.00 SR2 Integer Overflow
14.03.2013
A. Antukh, M. Lucinski...
Low
Cam2pc BMP Image Processing Integer Overflow Vulnerability
12.03.2013
kavehghaemmaghami
Med.
Novell Groupwise 8.0.2 HP3 and 2012 Integer Overflow Vulnerability
18.09.2012
Francis Provencher
High
Adobe Flash Player \"Matrix3D\" Integer Overflow Code Execution
11.09.2012
Nicolas Joly
High
Sielco Sistemi Winlog <= 2.07.16 Integer Overflow
21.08.2012
Luigi Auriemma
High
OpenOffice.org vclmi.dll Integer Overflow
17.05.2012
Tielei Wang
High
.NET Framework EncoderParameter Integer Overflow
24.04.2012
Yorick Koster
Med.
Opera 11.60 Array Integer Overflow
04.02.2012
Code Audit Labs
High
Lighttpd 1.5.0 Proof of Concept
02.01.2012
Adam Zabrocki
High
Mozilla Firefox Array.reduceRight() Integer Overflow Exploit
23.10.2011
Matteo Memelli
High
Apple QuickTime PICT PnSize Buffer Overflow
05.09.2011
Matt "j00ru" Jurczyk
High
Bluetooth: Prevent buffer overflow in l2cap config request
01.09.2011
Dan Rosenberg
High
linux kernel 2.6.33.13 dccp handle invalid feature options length
01.07.2011
Dan Rosenberg
High
Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)
30.06.2011
metasploit
High
DATAC RealWin <= 2.1 (Build 6.1.10.10) integer overflow
07.04.2011
Luigi Auriemma
High
xpdf multiple vulnerabilities allow remote code execution
02.04.2011
Advisories Toucan-Syst...
High
PHP <= 5.3.6 shmop_read() Integer Overflow DoS
17.03.2011
Jose Carlos Norte
Med.
Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
11.03.2011
zx2c4
Low
Linux Kernel <= 2.6.37 Local Kernel Denial of Service
02.03.2011
prdelka
High
CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability
14.02.2011
Sebastian Apelt
Med.
Libpng \"png_set_rgb_to_gray()\" Transform Buffer Overflow Vulnerability
19.01.2011
Glenn Randers-Pehrson
Low
linux kernel 2.6.35 Integer overflow in RDS cmsg
13.01.2011
Dan Rosenberg
High
linux kernel 2.6.36.1 bad parsing X.25
09.01.2011
Dan Rosenberg
Med.
linux kernel 2.6.36.1 TIPC security issues
30.12.2010
Dan Rosenberg
High
Winamp NSV Table of Contents Parsing Integer Overflow
03.12.2010
Secunia Research
Med.
IBM solidDB <= 6.5.0.3 Denial of Service Vulnerability
27.10.2010
null
Med.
Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure
06.10.2010
Jon Oberheide
Med.
bzip2 1.0.5 integer overflow
01.10.2010
Solar Designer
High
Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
30.09.2010
Abysssec
High
Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution
22.09.2010
Abysssec
High
RealPlayer 11.1 FLV Parsing Integer Overflow
15.09.2010
Abysssec
High
RealPlayer 11 FLV Parsing Integer Overflow
14.09.2010
Abysssec
High
Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit
13.09.2010
Jon Oberheide
High
Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability
13.09.2010
Abysssec
Med.
Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
03.09.2010
Abysssec
High
Adobe Shockwave TextXtra Allocator Integer Overflow Remote Code Execution Vulnerability
31.08.2010
ZDI
High
Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
30.08.2010
ZDI
High
Adobe Shockwave Player Director Remote Code Execution Vulnerability (2)
30.08.2010
ZDI
Low
linux kernel 2.6.33.7 integer overflow in ext4_ext_get_blocks()
24.08.2010
Eugene Teo
High
FreeType 2 Font File Processing Errors (Execute Arbitrary Code)
22.08.2010
Werner LEMBERG
High
SWFTools Two Integer Overflow Vulnerabilities
20.08.2010
Secunia Research
Med.
glpng PNG Processing Two Integer Overflow Vulnerabilities
16.08.2010
Secunia Research
Med.
cabextract -- 1, Infinite loop in MS-ZIP
10.08.2010
Jan Lieskovsky
High
Novell iManager 2.7.2 Multiple Vulnerabilities
30.06.2010
CORE
High
SBLIM SFCBs up to 1.3.7 pre-auth remote integer and heap overflow
04.06.2010
Agarri
Med.
libopie __readrec() off-by one (FreeBSD ftpd remote PoC)
27.05.2010
Maksymilian Arciemowic...
High
linux kernel 2.6.33 ALSA hda-intel Avoid divide by zero crash
10.04.2010
Eugene Teo
Med.
Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
03.04.2010
ZDI
Med.
Safari browser port blocking bypassed by integer overflow
26.03.2010
Gary Niger
High
XnView DICOM Parsing Integer Overflow Vulnerability
16.03.2010
Secunia Research
High
Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability
07.03.2010
ZDI
High
Luxology Modo 401 .LXO Integer Overflow
07.03.2010
CORE
High
SystemTap 1.1 Local Memory Corruption Vulnerabilities
11.02.2010
Vincent Danen
High
Adobe Shockwave Player 3D Model Two Integer Overflows
22.01.2010
Secunia Research
High
Winamp 5.56 PNG and JPEG Data Integer Overflow Vulnerabilities
22.12.2009
VUPEN
High
HP OpenView Storage Data Protector Remote Arbitrary Code Execution
22.12.2009
HP
High
Winamp 5.56 Oktalyzer Parsing Integer Overflow Vulnerability
22.12.2009
Secunia Research
High
CoreHTTP web server off-by-one buffer overflow vulnerability
10.12.2009
Patroklos Argyroudis
High
Roxio Creator Image Rendering Integer Overflow Vulnerability
07.12.2009
Secunia Research
High
Gimp PSD Image Parsing Integer Overflow Vulnerability
20.11.2009
Secunia Research
High
Gimp BMP Image Parsing Integer Overflow Vulnerability
16.11.2009
Secunia Research
High
linux kernel 2.6.25.15 kvm integer overflow kvm_dev_ioctl_get_supported_cpuid()
02.11.2009
Eugene Teoleugeneteo
Low
ax25_setsockopt function - Integer signedness error - Denial of Service Vulnerability
22.10.2009
Fedora Team
High
glibc x<=2.10.1 stdio/strfmon.c Multiple vulnerabilities
19.09.2009
Maksymilian Arciemowic...
Low
Media Player Classic 6.4.9 (.mid) Integer Overflow PoC
17.09.2009
PLATEN
High
OpenOffice.org Word Document Table Parsing Integer Underflow
03.09.2009
Secunia Research
High
Borland VisiBroker Smart Agent <= 08.00.00.C1.03 Remote Heap Overflow Vulnerability
31.08.2009
Luigi Auriemma
High
HT-MP3Player 1.0 (.ht3 File) Local Buffer Overflow Exploit (SEH)
17.07.2009
hack4love
Low
libtiff tools integer overflows
17.07.2009
Andrea Barisani
High
CamlImages integer overflows
09.07.2009
Andrea Barisani


CVEMAP Search Results

CVE
Details
Description
2018-06-11
Medium
CVE-2017-5462

Vendor: Mozilla
Software: Firefox
 

 
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

 
Medium
CVE-2017-7813

Vendor: Mozilla
Software: Firefox
 

 
Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This vulnerability affects Firefox < 56.

 
2018-04-18
High
CVE-2016-10490

Vendor: Qualcomm
Software: Mdm9206 firmware
 

 
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, if a negative value is passed as argument "max" to qurt_qdi_state_local_new_handle_from_obj, an buffer overflow occurs, due to typecasting the signed integer to unsigned.

 
2018-04-12
Medium
CVE-2018-9860

Vendor: Botan project
Software: Botan
 

 
An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs.

 
2018-04-04
Medium
CVE-2018-9263

Vendor: Wireshark
Software: Wireshark
 

 
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length.

 
2018-02-27
Medium
CVE-2016-10714

Updating...
 

 
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.

 
2018-02-15
High
CVE-2017-17300

Vendor: Huawei
Software: S12700 firmware
 

 
Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause the affected products to reset.

 
2018-01-05
Low
CVE-2018-5251

Vendor: Libming
Software: Libming
 

 
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.

 
2017-12-06
Low
CVE-2017-17446

Vendor: Game-music-emu project
Software: Game-music-emu
 

 
The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

 
2017-09-11
Low
CVE-2017-14314

Vendor: Graphicsmagick
Software: Graphicsmagick
 

 
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top