Total
2944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25147 | 1 Apache | 1 Portable Runtime Utility | 2025-02-13 | N/A | 6.5 MEDIUM |
|
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer.
This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
|
|||||
| CVE-2023-20663 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-02-13 | N/A | 6.7 MEDIUM |
|
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741.
|
|||||
| CVE-2023-24537 | 1 Golang | 1 Go | 2025-02-12 | N/A | 7.5 HIGH |
|
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.
|
|||||
| CVE-2023-20682 | 4 Google, Linux, Mediatek and 1 more | 44 Android, Linux Kernel, Mt5221 and 41 more | 2025-02-12 | N/A | 6.7 MEDIUM |
|
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605.
|
|||||
| CVE-2023-20507 | 2025-02-11 | N/A | 2.3 LOW | ||
|
An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity.
|
|||||
| CVE-2025-0302 | 1 Openatom | 1 Openharmony | 2025-02-11 | N/A | 5.5 MEDIUM |
|
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow.
|
|||||
| CVE-2023-26065 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2025-02-11 | N/A | 9.8 CRITICAL |
|
Certain Lexmark devices through 2023-02-19 have an Integer Overflow.
|
|||||
| CVE-2023-6780 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2025-02-07 | N/A | 5.3 MEDIUM |
|
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
|
|||||
| CVE-2022-48468 | 1 Protobuf-c Project | 1 Protobuf-c | 2025-02-07 | N/A | 5.5 MEDIUM |
|
protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.
|
|||||
| CVE-2023-27913 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2025-02-06 | N/A | 7.8 HIGH |
|
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process.
|
|||||
| CVE-2021-0880 | 1 Google | 1 Android | 2025-02-06 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeRGXKickTA3D of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396792
|
|||||
| CVE-2021-0879 | 1 Google | 1 Android | 2025-02-06 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeRGXTDMSubmitTransfer of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270397970
|
|||||
| CVE-2021-0878 | 1 Google | 1 Android | 2025-02-06 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeServerSyncGetStatus of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270399153
|
|||||
| CVE-2024-13614 | 2025-02-06 | N/A | 5.3 MEDIUM | ||
|
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel ...
Show More |
|||||
| CVE-2021-33797 | 1 Artifex | 1 Mujs | 2025-02-06 | N/A | 9.8 CRITICAL |
|
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.
|
|||||
| CVE-2021-0876 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgePhysmemNewRamBackedLockedPMR of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270400229
|
|||||
| CVE-2021-0875 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeChangeSparseMem of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270400061
|
|||||
| CVE-2021-0874 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeDevicememHistorySparseChange of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270399633
|
|||||
| CVE-2021-0873 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeRGXKickRS of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270392711
|
|||||
| CVE-2021-0872 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeRGXKickVRDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270401229
|
|||||
| CVE-2021-0885 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeSyncPrimOpTake of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270401914
|
|||||
| CVE-2021-0884 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgePhysmemImportSparseDmaBuf of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270393454
|
|||||
| CVE-2021-0883 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeCacheOpQueue of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270395013
|
|||||
| CVE-2021-0882 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeRGXKickSync of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270395803
|
|||||
| CVE-2021-0881 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In PVRSRVBridgeRGXKickCDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396350
|
|||||
| CVE-2023-30463 | 1 Altran | 1 Picotcp | 2025-02-05 | N/A | 7.5 HIGH |
|
Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur.
|
|||||
| CVE-2023-1900 | 1 Avira | 1 Antivirus | 2025-02-05 | N/A | 7.8 HIGH |
|
A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation.
Issue was fixed with Endpointprotection.exe version 1.0.2303.633
|
|||||
| CVE-2024-35827 | 1 Linux | 1 Linux Kernel | 2025-02-03 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring/net: fix overflow check in io_recvmsg_mshot_prep()
The "controllen" variable is type size_t (unsigned long). Casting it
to int could lead to an integer underflow.
The check_add_overflow() function considers the type of the destination
which is type int. If we add two positive values and the result cannot
fit in an integer then that's counted as an overflow.
However, if we cast "controllen" to an int and it turns n ...
Show More |
|||||
| CVE-2021-47098 | 1 Linux | 1 Linux Kernel | 2025-02-03 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations
Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of
temperature calculations") addressed a number of underflow situations
when writing temperature limits. However, it missed one situation, seen
when an attempt is made to set the hysteresis value to MAX_LONG and the
critical temperature limit is negative.
Use clamp_val() when setting the ...
Show More |
|||||
| CVE-2024-46669 | 1 Fortinet | 1 Fortios | 2025-01-31 | N/A | 3.5 LOW |
|
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service.
|
|||||
| CVE-2023-27937 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-01-29 | N/A | 7.8 HIGH |
|
An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution.
|
|||||
| CVE-2022-46720 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-01-29 | N/A | 8.6 HIGH |
|
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to break out of its sandbox
|
|||||
| CVE-2022-47489 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | N/A | 4.4 MEDIUM |
|
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
|
|||||
| CVE-2023-43545 | 1 Qualcomm | 56 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 53 more | 2025-01-27 | N/A | 6.7 MEDIUM |
|
Memory corruption when more scan frequency list or channels are sent from the user space.
|
|||||
| CVE-2025-21244 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2025-21243 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2023-32058 | 1 Vyperlang | 1 Vyper | 2025-01-24 | N/A | 7.5 HIGH |
|
Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The prob ...
Show More |
|||||
| CVE-2024-1633 | 1 Renesas | 10 Arm-trusted-firmware, R-car D3e, R-car E3e and 7 more | 2025-01-24 | N/A | 2.0 LOW |
|
During the secure boot, bl2 (the second stage of
the bootloader) loops over images defined in the table “bl2_mem_params_descs”.
For each image, the bl2 reads the image length and destination from the image’s
certificate. Because of the way of reading from the image, which base on 32-bit unsigned integer value, it can result to an integer overflow. An attacker can bypass memory range restriction and write data out of buffer bounds, which could result in bypass of secure boot.
Affected git versi ...
Show More |
|||||
| CVE-2024-3077 | 1 Zephyrproject | 1 Zephyr | 2025-01-23 | N/A | 6.8 MEDIUM |
|
An malicious BLE device can crash BLE victim device by sending malformed gatt packet
|
|||||
| CVE-2024-23307 | 1 Linux | 1 Linux Kernel | 2025-01-22 | N/A | 4.4 MEDIUM |
|
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.
|
|||||