Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21821 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2022-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity. | |||||
| CVE-2017-5063 | 5 Apple, Google, Linux and 2 more | 8 Macos, Android, Chrome and 5 more | 2022-04-08 | 6.8 MEDIUM | 8.8 HIGH |
| A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2016-7163 | 4 Debian, Fedoraproject, Redhat and 1 more | 9 Debian Linux, Fedora, Enterprise Linux Desktop and 6 more | 2022-04-07 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write. | |||||
| CVE-2019-9210 | 4 Advancemame, Canonical, Debian and 1 more | 4 Advancecomp, Ubuntu Linux, Debian Linux and 1 more | 2022-04-06 | 6.8 MEDIUM | 7.8 HIGH |
| In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.) | |||||
| CVE-2019-13115 | 5 Debian, F5, Fedoraproject and 2 more | 7 Debian Linux, Traffix Systems Signaling Delivery Controller, Fedora and 4 more | 2022-04-05 | 5.8 MEDIUM | 8.1 HIGH |
| In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855. | |||||
| CVE-2021-39759 | 1 Google | 1 Android | 2022-04-05 | 4.6 MEDIUM | 7.8 HIGH |
| In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-180200830 | |||||
| CVE-2022-23884 | 1 Minecraft | 1 Bedrock Server | 2022-04-04 | 7.5 HIGH | 9.8 CRITICAL |
| Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer). | |||||
| CVE-2021-38166 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2022-04-01 | 4.6 MEDIUM | 7.8 HIGH |
| In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability. | |||||
| CVE-2022-1036 | 1 Microweber | 1 Microweber | 2022-03-28 | 5.0 MEDIUM | 7.5 HIGH |
| Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12. | |||||
| CVE-2021-41864 | 4 Debian, Fedoraproject, Linux and 1 more | 24 Debian Linux, Fedora, Linux Kernel and 21 more | 2022-03-25 | 4.6 MEDIUM | 7.8 HIGH |
| prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | |||||
| CVE-2021-39732 | 1 Google | 1 Android | 2022-03-23 | 4.6 MEDIUM | 7.8 HIGH |
| In copy_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205992503References: N/A | |||||
| CVE-2021-39736 | 1 Google | 1 Android | 2022-03-23 | 4.6 MEDIUM | 6.7 MEDIUM |
| In prepare_io_entry and prepare_response of lwis_ioctl.c and lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205995773References: N/A | |||||
| CVE-2021-39719 | 1 Google | 1 Android | 2022-03-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205995178References: N/A | |||||
| CVE-2022-0961 | 1 Microweber | 1 Microweber | 2022-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12. | |||||
| CVE-2022-0968 | 1 Microweber | 1 Microweber | 2022-03-22 | 4.0 MEDIUM | 5.5 MEDIUM |
| The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12. | |||||
| CVE-2022-0913 | 1 Microweber | 1 Microweber | 2022-03-18 | 5.0 MEDIUM | 7.5 HIGH |
| Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3. | |||||
| CVE-2021-3428 | 1 Linux | 1 Linux Kernel | 2022-03-11 | 4.9 MEDIUM | 5.5 MEDIUM |
| A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat. | |||||
| CVE-2019-20788 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2022-03-10 | 7.5 HIGH | 9.8 CRITICAL |
| libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690. | |||||
| CVE-2020-14401 | 4 Debian, Libvncserver Project, Opensuse and 1 more | 15 Debian Linux, Libvncserver, Leap and 12 more | 2022-03-09 | 6.4 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. | |||||
| CVE-2021-32491 | 2 Debian, Djvulibre Project | 2 Debian Linux, Djvulibre | 2022-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences. | |||||