CWE:
 

Topic
Date
Author
Med.
MiniUPnP MiniUPnPc < 2.0 Remote Denial of Service
12.01.2018
tintinweb
Med.
Windows Kernel win32k.sys Integer Overflow (MS13-101)
12.12.2013
CORE
High
Apache 1.3.41 mod_proxy Integer overflow (code execution)
29.01.2010
Adam Zabrocki
Med.
Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability
11.12.2009
ZDI


CVEMAP Search Results

CVE
Details
Description
2018-03-27
Low
CVE-2018-7194

Vendor: Osticket
Software: Osticket
 

 
Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a large number of digits in the ticket number format setting.

 
2018-03-23
High
CVE-2017-15325

Updating...
 

 
The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.

 
2018-03-16
Medium
CVE-2017-14887

Vendor: Google
Software: Android
 

 
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of messages of type eWNI_SME_MODIFY_ADDITIONAL_IES, an integer overflow leading to heap buffer overflow may potentially occur.

 
2018-03-15
High
CVE-2016-10393

Vendor: Google
Software: Android
 

 
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. The following buffer operations will overflow the allocated buffer.

 
2018-03-13
Low
CVE-2018-8098

Updating...
 

 
Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.

 
Medium
CVE-2018-1000127

Vendor: Canonical
Software: Ubuntu linux
 

 
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

 
2018-03-12
Medium
CVE-2018-1000098

Vendor: Teluu
Software: Pjsip
 

 
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.

 
2018-03-09
Medium
CVE-2017-17324

Vendor: Huawei
Software: Mate 9 pro f...
 

 
Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL00BC00B229 have an integer overflow vulnerability. The camera driver does not validate the external input parameters and causes an integer overflow, which in the after processing results in a buffer overflow. An attacker tricks the user to install a crafted application, successful exploit could cause malicious code execution.

 
Medium
CVE-2017-17147

Vendor: Huawei
Software: Dp300 firmware
 

 
Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks.

 
Medium
CVE-2017-17328

Vendor: Huawei
Software: Mha-al00a fi...
 

 
Huawei smartphones with software of MHA-AL00AC00B125 have an integer overflow vulnerability. The software does not process certain variable properly when handle certain process. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause information disclosure.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top