Total
2944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16070 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2018-16009 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2018-16007 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2018-15995 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2018-15986 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2018-15560 | 1 Pycryptodome | 1 Pycryptodome | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.
|
|||||
| CVE-2018-14938 | 2 Canonical, Digitalcorpora | 2 Ubuntu Linux, Tcpflow | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds read and may allow access to sensitive memory (or a denial of service).
|
|||||
| CVE-2018-14883 | 4 Canonical, Debian, Netapp and 1 more | 4 Ubuntu Linux, Debian Linux, Storage Automation Store and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
|
|||||
| CVE-2018-14618 | 4 Canonical, Debian, Haxx and 1 more | 4 Ubuntu Linux, Debian Linux, Libcurl and 1 more | 2024-11-21 | 10.0 HIGH | 7.5 HIGH |
|
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password ...
Show More |
|||||
| CVE-2018-14576 | 1 Suncontract | 1 Suncontract | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the _amount variable.
|
|||||
| CVE-2018-14444 | 1 Libdxfrw Project | 1 Libdxfrw | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash.
|
|||||
| CVE-2018-14343 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.
|
|||||
| CVE-2018-14341 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.
|
|||||
| CVE-2018-14337 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.
|
|||||
| CVE-2018-14326 | 1 Techsmith | 1 Mp4v2 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
|
|||||
| CVE-2018-14295 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF documents. When parsing shading patterns, the process does not properly validate user-supplied data, which can result in an integer overflow before allocating a buffer. An attac ...
Show More |
|||||
| CVE-2018-14088 | 1 Stex White List Project | 1 Stex White List | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in a smart contract implementation for STeX White List (STE(WL)), an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount * 1000000000000000" will cause an integer overflow in withdrawToFounders().
|
|||||
| CVE-2018-14087 | 1 Encryptedtoken Project | 1 Encryptedtoken | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPrices() then the "msg.value * buyPrice" will cause an integer overflow in the fallback function.
|
|||||
| CVE-2018-14086 | 1 Mytoken Project | 1 Mytoken | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().
|
|||||
| CVE-2018-14084 | 1 Myadvancedtoken Project | 1 Myadvancedtoken | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().
|
|||||
| CVE-2018-14063 | 1 Tracto | 1 Tracto | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The increaseApproval function of a smart contract implementation for Tracto (TRCT), an Ethereum ERC20 token, has an integer overflow.
|
|||||
| CVE-2018-14006 | 1 Ngtoken Project | 1 Ngtoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user's balance.
|
|||||
| CVE-2018-14005 | 1 Malaysiancoin Project | 1 Malaysiancoin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance.
|
|||||
| CVE-2018-14004 | 1 Globecoin Project | 1 Globecoin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user's balance.
|
|||||
| CVE-2018-14003 | 1 Wmctoken Project | 1 Wmctoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance.
|
|||||
| CVE-2018-14002 | 1 Mp3 Coin Project | 1 Mp3 Coin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance.
|
|||||
| CVE-2018-14001 | 1 Sharktech Project | 1 Sharktech | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user's balance.
|
|||||
| CVE-2018-13887 | 1 Qualcomm | 74 Mdm9150, Mdm9150 Firmware, Mdm9206 and 71 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, ...
Show More |
|||||
| CVE-2018-13886 | 1 Qualcomm | 100 Mdm9150, Mdm9150 Firmware, Mdm9206 and 97 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD ...
Show More |
|||||
| CVE-2018-13836 | 1 Rocket Coin Project | 1 Rocket Coin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user's balance.
|
|||||
| CVE-2018-13785 | 4 Canonical, Libpng, Oracle and 1 more | 7 Ubuntu Linux, Libpng, Jdk and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
|
|||||
| CVE-2018-13783 | 1 Jiucaitoken Project | 1 Jiucaitoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13782 | 1 Entercoin Project | 1 Entercoin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13781 | 1 Myylctoken Project | 1 Myylctoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13780 | 1 Esh Project | 1 Esh | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13779 | 1 Ylctoken Project | 1 Ylctoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13778 | 1 Cgctoken Project | 1 Cgctoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13777 | 1 Rrtoken Project | 1 Rrtoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13776 | 1 Appletoken Project | 1 Appletoken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||
| CVE-2018-13775 | 1 Rckt Coin Project | 1 Rckt Coin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
|
|||||