Total
1251 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0608 | 1 Android | 1 Android Sdk | 2018-10-10 | 7.2 HIGH | N/A |
Integer overflow in the showLog function in fake_log_device.c in liblog in Open Handset Alliance Android 1.0 allows attackers to trigger a buffer overflow and possibly have unspecified other impact by sending a large number of input lines. | |||||
CVE-2009-0607 | 1 Openhandsetalliance | 1 Android Sdk | 2018-10-10 | 7.2 HIGH | N/A |
Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions. | |||||
CVE-2009-0584 | 2 Argyllcms, Ghostscript | 2 Cms, Ghostscript | 2018-10-10 | 9.3 HIGH | N/A |
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. | |||||
CVE-2012-0711 | 3 Ibm, Linux, Sun | 4 Aix, Db2, Linux Kernel and 1 more | 2018-10-10 | 7.5 HIGH | N/A |
Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. | |||||
CVE-2015-8396 | 1 Grassroots Dicom Project | 1 Grassroots Dicom | 2018-10-09 | 10.0 HIGH | 10.0 CRITICAL |
Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow. | |||||
CVE-2015-8221 | 1 Google | 1 Picasa | 2018-10-09 | 10.0 HIGH | N/A |
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow. | |||||
CVE-2015-8096 | 1 Google | 1 Picasa | 2018-10-09 | 10.0 HIGH | N/A |
Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow. | |||||
CVE-2015-3885 | 2 Dcraw Project, Fedoraproject | 2 Dcraw, Fedora | 2018-10-09 | 4.3 MEDIUM | N/A |
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable. | |||||
CVE-2015-0261 | 1 Tcpdump | 1 Tcpdump | 2018-10-09 | 7.5 HIGH | N/A |
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. | |||||
CVE-2014-9029 | 1 Jasper Project | 1 Jasper | 2018-10-09 | 7.5 HIGH | N/A |
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow. | |||||
CVE-2014-4962 | 1 Shopizer | 1 Shopizer | 2018-10-09 | 6.4 MEDIUM | N/A |
Shopizer 1.1.5 and earlier allows remote attackers to reduce the total cost of their shopping cart via a negative number in the productQuantity parameter, which causes the price of the item to be subtracted from the total cost. | |||||
CVE-2014-4045 | 1 Digium | 1 Asterisk | 2018-10-09 | 4.3 MEDIUM | N/A |
The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device. | |||||
CVE-2014-0998 | 1 Freebsd | 1 Freebsd | 2018-10-09 | 7.2 HIGH | N/A |
Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index error and out-of-bounds kernel memory access. | |||||
CVE-2014-0211 | 2 Canonical, X | 2 Ubuntu Linux, Libxfont | 2018-10-09 | 7.5 HIGH | N/A |
Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. | |||||
CVE-2014-0209 | 2 Canonical, X | 2 Ubuntu Linux, Libxfont | 2018-10-09 | 4.6 MEDIUM | N/A |
Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata. | |||||
CVE-2013-1741 | 1 Mozilla | 1 Network Security Services | 2018-10-09 | 7.5 HIGH | N/A |
Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value. | |||||
CVE-2011-1659 | 1 Gnu | 1 Glibc | 2018-10-09 | 5.0 MEDIUM | N/A |
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. | |||||
CVE-2011-1290 | 2 Apple, Rim | 3 Webkit, Blackberry Torch 9800, Blackberry Torch 9800 Firmware | 2018-10-09 | 10.0 HIGH | N/A |
Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. | |||||
CVE-2011-0758 | 1 Ca | 2 Etrust Secure Content Manager, Gateway Security | 2018-10-09 | 10.0 HIGH | N/A |
The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. | |||||
CVE-2011-0557 | 1 Adobe | 1 Shockwave Player | 2018-10-09 | 9.3 HIGH | N/A |
Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption. |