Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2454 | 1 Gpac | 1 Gpac | 2022-07-26 | N/A | 7.8 HIGH |
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. | |||||
| CVE-2022-32073 | 1 Wolfssh | 1 Wolfssh | 2022-07-26 | 7.5 HIGH | 9.8 CRITICAL |
| WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR. | |||||
| CVE-2021-42755 | 1 Fortinet | 5 Fortios, Fortiproxy, Fortirecorder Firmware and 2 more | 2022-07-25 | N/A | 4.3 MEDIUM |
| An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service. | |||||
| CVE-2022-0545 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-07-25 | 5.1 MEDIUM | 7.8 HIGH |
| An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. | |||||
| CVE-2020-29238 | 1 Expressvpn | 1 Expressvpn | 2022-07-22 | 5.0 MEDIUM | 7.5 HIGH |
| An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request. | |||||
| CVE-2021-21783 | 2 Genivia, Oracle | 6 Gsoap, Communications Diameter Signaling Router, Communications Eagle Application Processor and 3 more | 2022-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2016-3078 | 1 Php | 1 Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class. | |||||
| CVE-2016-4346 | 2 Opensuse, Php | 3 Leap, Opensuse, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||
| CVE-2016-4344 | 1 Php | 1 Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow. | |||||
| CVE-2016-4345 | 1 Php | 1 Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||
| CVE-2016-5770 | 3 Debian, Opensuse, Php | 4 Debian Linux, Leap, Opensuse and 1 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096. | |||||
| CVE-2017-5340 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. | |||||
| CVE-2017-9120 | 2 Netapp, Php | 2 Storage Automation Store, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string. | |||||
| CVE-2022-31600 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2022-07-13 | 4.6 MEDIUM | 8.2 HIGH |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and information disclosure. The scope of impact can extend to other components. | |||||
| CVE-2021-34536 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||
| CVE-2021-34513 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33751, CVE-2021-34460, CVE-2021-34510, CVE-2021-34512. | |||||
| CVE-2021-34510 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33751, CVE-2021-34460, CVE-2021-34512, CVE-2021-34513. | |||||
| CVE-2021-31808 | 4 Debian, Fedoraproject, Netapp and 1 more | 4 Debian Linux, Fedora, Cloud Manager and 1 more | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this. | |||||
| CVE-2022-1475 | 1 Ffmpeg | 1 Ffmpeg | 2022-07-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file. | |||||
| CVE-2015-1283 | 8 Canonical, Debian, Google and 5 more | 13 Ubuntu Linux, Debian Linux, Chrome and 10 more | 2022-07-05 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. | |||||