Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-190
Total 2006 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0705 1 Google 1 Chrome 2023-02-16 N/A 7.5 HIGH
Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2015-8394 2 Pcre, Php 2 Perl Compatible Regular Expression Library, Php 2023-02-16 7.5 HIGH 9.8 CRITICAL
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2015-8387 3 Fedoraproject, Pcre, Php 3 Fedora, Perl Compatible Regular Expression Library, Php 2023-02-16 7.5 HIGH 7.3 HIGH
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2017-1000158 2 Debian, Python 2 Debian Linux, Python 2023-02-16 7.5 HIGH 9.8 CRITICAL
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
CVE-2019-16096 1 Kilo Project 1 Kilo 2023-02-15 5.0 MEDIUM 7.5 HIGH
Kilo 0.0.1 has a heap-based buffer overflow because there is an integer overflow in a calculation involving the number of tabs in one row.
CVE-2023-0615 1 Linux 1 Linux Kernel 2023-02-14 N/A 5.5 MEDIUM
A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled.
CVE-2017-7482 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Mrg 2023-02-14 7.2 HIGH 7.8 HIGH
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.
CVE-2023-20602 2 Google, Mediatek 25 Android, Mt6735, Mt6737 and 22 more 2023-02-14 N/A 6.7 MEDIUM
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494107; Issue ID: ALPS07494107.
CVE-2018-14634 4 Canonical, Linux, Netapp and 1 more 9 Ubuntu Linux, Linux Kernel, Active Iq Performance Analytics Services and 6 more 2023-02-12 7.2 HIGH 7.8 HIGH
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
CVE-2013-1913 3 Gimp, Gnome, Redhat 3 Gimp, Glib, Enterprise Linux 2023-02-12 6.8 MEDIUM N/A
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump.
CVE-2012-1185 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2023-02-12 6.8 MEDIUM 7.8 HIGH
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
CVE-2011-1178 1 Gimp 1 Gimp 2023-02-12 6.8 MEDIUM N/A
Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange (PCX) plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based buffer overflow.
CVE-2010-4160 3 Linux, Opensuse, Suse 5 Linux Kernel, Opensuse, Linux Enterprise Desktop and 2 more 2023-02-12 6.9 MEDIUM N/A
Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call.
CVE-2010-4157 4 Fedoraproject, Linux, Opensuse and 1 more 7 Fedora, Linux Kernel, Opensuse and 4 more 2023-02-12 6.2 MEDIUM N/A
Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.
CVE-2010-4162 4 Fedoraproject, Linux, Opensuse and 1 more 7 Fedora, Linux Kernel, Opensuse and 4 more 2023-02-12 4.7 MEDIUM N/A
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.
CVE-2010-3865 3 Linux, Opensuse, Suse 4 Linux Kernel, Opensuse, Linux Enterprise High Availability Extension and 1 more 2023-02-12 7.2 HIGH N/A
Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow.
CVE-2010-3442 6 Canonical, Debian, Fedoraproject and 3 more 9 Ubuntu Linux, Debian Linux, Fedora and 6 more 2023-02-12 4.7 MEDIUM N/A
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.
CVE-2010-3067 5 Canonical, Debian, Linux and 2 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2023-02-12 4.9 MEDIUM N/A
Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.
CVE-2010-2478 3 Canonical, Linux, Suse 4 Ubuntu Linux, Linux Kernel, Linux Enterprise Desktop and 1 more 2023-02-12 7.2 HIGH N/A
Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value that triggers a buffer overflow, a different vulnerability than CVE-2010-3084.
CVE-2010-1634 5 Canonical, Fedoraproject, Opensuse and 2 more 5 Ubuntu Linux, Fedora, Opensuse and 2 more 2023-02-12 5.0 MEDIUM N/A
Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.