Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8389 | 1 Iceni | 1 Argus | 2022-12-13 | 9.3 HIGH | 7.8 HIGH |
| An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. As the application attempts to iterate through the rows and initializing the polygon shape in the buffer, it will write outside of the bounds of said buffer. This can lead to code execution under the context of the account running it. | |||||
| CVE-2022-44638 | 3 Debian, Fedoraproject, Pixman | 3 Debian Linux, Fedora, Pixman | 2022-12-13 | N/A | 8.8 HIGH |
| In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. | |||||
| CVE-2016-8733 | 1 Joyent | 1 Smartos | 2022-12-13 | 7.2 HIGH | 8.8 HIGH |
| An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-9031. | |||||
| CVE-2016-9031 | 1 Joyent | 1 Smartos | 2022-12-13 | 6.9 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-8733. | |||||
| CVE-2016-2105 | 8 Apple, Canonical, Debian and 5 more | 15 Mac Os X, Ubuntu Linux, Debian Linux and 12 more | 2022-12-13 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data. | |||||
| CVE-2016-2177 | 3 Hp, Openssl, Oracle | 6 Icewall Mcrp, Icewall Sso, Icewall Sso Agent Option and 3 more | 2022-12-13 | 7.5 HIGH | 9.8 CRITICAL |
| OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. | |||||
| CVE-2021-20303 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2022-12-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well. | |||||
| CVE-2021-20300 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2022-12-12 | 7.1 HIGH | 5.5 MEDIUM |
| A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-3477 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2022-12-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability. | |||||
| CVE-2022-4398 | 1 Radare | 1 Radare2 | 2022-12-12 | N/A | 7.8 HIGH |
| Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. | |||||
| CVE-2022-39907 | 1 Google | 1 Android | 2022-12-12 | N/A | 7.8 HIGH |
| Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | |||||
| CVE-2022-23484 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2017-7603 | 1 Libaacplus Project | 1 Libaacplus | 2022-12-09 | 6.8 MEDIUM | 7.8 HIGH |
| au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | |||||
| CVE-2017-14441 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2022-12-08 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2019-16167 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-12-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. | |||||
| CVE-2021-43618 | 3 Debian, Gmplib, Netapp | 13 Debian Linux, Gmp, Active Iq Unified Manager and 10 more | 2022-12-08 | 5.0 MEDIUM | 7.5 HIGH |
| GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. | |||||
| CVE-2022-2285 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2022-12-08 | 6.8 MEDIUM | 7.8 HIGH |
| Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. | |||||
| CVE-2022-41325 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2022-12-08 | N/A | 7.8 HIGH |
| An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions. | |||||
| CVE-2022-42763 | 2 Google, Unisoc | 14 Android, S8008, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42764 | 2 Google, Unisoc | 14 Android, S8009, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||