Total
2006 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-5853 | 1 Podofo Project | 1 Podofo | 2017-03-02 | 6.8 MEDIUM | 7.8 HIGH |
Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||||
CVE-2016-9824 | 1 Libav | 1 Libav | 2017-03-02 | 4.3 MEDIUM | 5.5 MEDIUM |
Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
CVE-2017-5501 | 1 Jasper Project | 1 Jasper | 2017-03-02 | 4.3 MEDIUM | 5.5 MEDIUM |
Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
CVE-2016-9132 | 1 Botan Project | 1 Botan | 2017-03-02 | 7.5 HIGH | 9.8 CRITICAL |
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure. | |||||
CVE-2017-0309 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Linux Kernel, Windows and 2 more | 2017-02-23 | 7.2 HIGH | 8.8 HIGH |
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where multiple integer overflows may cause improper memory allocation leading to a denial of service or potential escalation of privileges. | |||||
CVE-2016-6871 | 1 Facebook | 1 Hhvm | 2017-02-22 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow. | |||||
CVE-2016-6872 | 1 Facebook | 1 Hhvm | 2017-02-22 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | |||||
CVE-2016-1889 | 1 Freebsd | 1 Freebsd | 2017-02-16 | 7.2 HIGH | 7.8 HIGH |
Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor. | |||||
CVE-2016-4352 | 1 Libavformat Project | 1 Libavformat | 2017-02-07 | 4.3 MEDIUM | 5.5 MEDIUM |
Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file. | |||||
CVE-2016-6164 | 1 Ffmpeg | 1 Ffmpeg | 2017-01-31 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size. | |||||
CVE-2016-8438 | 1 Linux | 1 Linux Kernel | 2017-01-17 | 10.0 HIGH | 9.8 CRITICAL |
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638. | |||||
CVE-2016-4290 | 1 Hancom | 1 Hancom Office 2014 | 2017-01-10 | 6.8 MEDIUM | 7.8 HIGH |
When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a block of data within the file. When calculating this length, the application will use a value from the file and add a constant to it without checking whether the addition of the constant will cause the integer to overflow which will cause the buffer to be undersized when the application tries to copy file data into it. This allows one to overwrite contiguous data in the heap which can lead to code-execution under the context of the application. | |||||
CVE-2016-4291 | 1 Hancom | 1 Hancom Office 2014 | 2017-01-10 | 6.8 MEDIUM | 7.8 HIGH |
When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the lack of bounds checking on the integer, the allocated memory buffer can be made to be undersized at which point the reading of file data will write outside the bounds of the buffer. This can lead to code execution under the context of the application. | |||||
CVE-2016-4298 | 1 Hancom | 1 Hancom Office 2014 | 2017-01-10 | 6.8 MEDIUM | 7.8 HIGH |
When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When calculating this length, an integer overflow can be made to occur which will cause the buffer to be undersized when the application tries to copy file data into the object containing this structure. This allows one to overwrite contiguous data in the heap which can lead to code-execution under the context of the application. | |||||
CVE-2015-1214 | 3 Canonical, Google, Redhat | 6 Ubuntu Linux, Chrome, Enterprise Linux Desktop Supplementary and 3 more | 2016-12-21 | 7.5 HIGH | N/A |
Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a reset action with a large count value, leading to an out-of-bounds write operation. | |||||
CVE-2016-5841 | 2 Imagemagick, Oracle | 2 Imagemagick, Solaris | 2016-12-14 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. | |||||
CVE-2016-7990 | 2 Google, Samsung | 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542. | |||||
CVE-2016-9277 | 1 Samsung | 1 Samsung Mobile | 2016-11-29 | 7.8 HIGH | 7.5 HIGH |
Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. | |||||
CVE-2016-5769 | 1 Php | 1 Php | 2016-11-28 | 7.5 HIGH | 9.8 CRITICAL |
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions. | |||||
CVE-2016-5095 | 1 Php | 1 Php | 2016-11-28 | 7.5 HIGH | 8.6 HIGH |
Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094. |