Total
2944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-43838 | 1 Linux | 1 Linux Kernel | 2024-10-29 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: fix overflow check in adjust_jmp_off()
adjust_jmp_off() incorrectly used the insn->imm field for all overflow check,
which is incorrect as that should only be done or the BPF_JMP32 | BPF_JA case,
not the general jump instruction case. Fix it by using insn->off for overflow
check in the general case.
|
|||||
| CVE-2024-47024 | 1 Google | 1 Android | 2024-10-28 | N/A | 7.8 HIGH |
|
In vring_size of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-47028 | 1 Google | 1 Android | 2024-10-28 | N/A | 4.4 MEDIUM |
|
In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2022-48947 | 1 Linux | 1 Linux Kernel | 2024-10-25 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: Fix u8 overflow
By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases
multiple times and eventually it will wrap around the maximum number
(i.e., 255).
This patch prevents this by adding a boundary check with
L2CAP_MAX_CONF_RSP
Btmon log:
Bluetooth monitor ver 5.64
= Note: Linux version 6.1.0-rc2 (x86_64) 0.264594
= Note: Bluetooth subsystem version 2.22 ...
Show More |
|||||
| CVE-2022-49030 | 1 Linux | 1 Linux Kernel | 2024-10-24 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
libbpf: Handle size overflow for ringbuf mmap
The maximum size of ringbuf is 2GB on x86-64 host, so 2 * max_entries
will overflow u32 when mapping producer page and data pages. Only
casting max_entries to size_t is not enough, because for 32-bits
application on 64-bits kernel the size of read-only mmap region
also could overflow size_t.
So fixing it by casting the size of read-only mmap region into a __u64
and checking whethe ...
Show More |
|||||
| CVE-2024-46483 | 2024-10-23 | N/A | 9.8 CRITICAL | ||
|
Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.
|
|||||
| CVE-2024-42643 | 2024-10-23 | N/A | 7.5 HIGH | ||
|
Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.
|
|||||
| CVE-2024-43566 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 9.8 CRITICAL |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-47424 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-37976 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-10-16 | N/A | 6.7 MEDIUM |
|
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
|
|||||
| CVE-2024-41858 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-10-15 | N/A | 7.8 HIGH |
|
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-47661 | 1 Linux | 1 Linux Kernel | 2024-10-15 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Avoid overflow from uint32_t to uint8_t
[WHAT & HOW]
dmub_rb_cmd's ramping_boundary has size of uint8_t and it is assigned
0xFFFF. Fix it by changing it to uint8_t with value of 0xFF.
This fixes 2 INTEGER_OVERFLOW issues reported by Coverity.
|
|||||
| CVE-2024-47416 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | N/A | 7.8 HIGH |
|
Animate versions 23.0.7, 24.0.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-20434 | 1 Cisco | 1 Ios Xe | 2024-10-08 | N/A | 4.3 MEDIUM |
|
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device.
This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be acce ...
Show More |
|||||
| CVE-2023-45854 | 2024-09-20 | N/A | 7.5 HIGH | ||
|
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function.
|
|||||
| CVE-2024-43495 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 | 2024-09-18 | N/A | 7.3 HIGH |
|
Windows libarchive Remote Code Execution Vulnerability
|
|||||
| CVE-2024-44981 | 1 Linux | 1 Linux Kernel | 2024-09-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask()
UBSAN reports the following 'subtraction overflow' error when booting
in a virtual machine on Android:
| Internal error: UBSAN: integer subtraction overflow: 00000000f2005515 [#1] PREEMPT SMP
| Modules linked in:
| CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.10.0-00006-g3cbe9e5abd46-dirty #4
| Hardware name: linux,dummy-virt (DT)
| pstate: 600000c5 (nZ ...
Show More |
|||||
| CVE-2024-28044 | 1 Openatom | 1 Openharmony | 2024-09-04 | N/A | 5.5 MEDIUM |
|
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
|
|||||
| CVE-2024-7867 | 1 Xpdfreader | 1 Xpdf | 2024-08-28 | N/A | 6.2 MEDIUM |
|
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.
|
|||||
| CVE-2024-30949 | 1 Newlib Project | 1 Newlib | 2024-08-21 | N/A | 9.8 CRITICAL |
|
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.
|
|||||
| CVE-2024-41851 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-08-19 | N/A | 7.8 HIGH |
|
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-38144 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 8.8 HIGH |
|
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38215 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2024-08-16 | N/A | 7.8 HIGH |
|
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38128 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-08-16 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||