Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0750 | 5 Canonical, Mozilla, Opensuse and 2 more | 15 Ubuntu Linux, Firefox, Firefox Esr and 12 more | 2020-08-04 | 9.3 HIGH | N/A |
| Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow. | |||||
| CVE-2017-6312 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Gdk-pixbuf | 2020-08-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations. | |||||
| CVE-2016-2062 | 2 Google, Linux | 5 Nexus 5x, Nexus 5x Firmware, Nexus 6p and 2 more | 2020-08-03 | 4.6 MEDIUM | 7.8 HIGH |
| The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call. | |||||
| CVE-2010-3729 | 1 Google | 1 Chrome | 2020-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-4202 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font. | |||||
| CVE-2010-4203 | 3 Google, Redhat, Webmproject | 5 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2020-07-31 | 10.0 HIGH | 9.8 CRITICAL |
| WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames. | |||||
| CVE-2016-2068 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-07-31 | 6.8 MEDIUM | 7.8 HIGH |
| The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609. | |||||
| CVE-2018-13347 | 1 Mercurial | 1 Mercurial | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002. | |||||
| CVE-2020-10929 | 1 Netgear | 2 R6700, R6700 Firmware | 2020-07-30 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-9768. | |||||
| CVE-2018-9838 | 1 Ocaml | 1 Ocaml | 2020-07-26 | 7.5 HIGH | 9.8 CRITICAL |
| The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. | |||||
| CVE-2016-8859 | 1 Etalabs | 1 Musl | 2020-07-26 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write. | |||||
| CVE-2018-21009 | 1 Freedesktop | 1 Poppler | 2020-07-23 | 6.8 MEDIUM | 8.8 HIGH |
| Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. | |||||
| CVE-2020-0545 | 1 Intel | 3 Converged Security Management Engine Firmware, Server Platform Services, Trusted Execution Engine | 2020-07-22 | 2.1 LOW | 4.4 MEDIUM |
| Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-11904 | 1 Treck | 1 Tcp\/ip | 2020-07-21 | 7.5 HIGH | 7.3 HIGH |
| The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. | |||||
| CVE-2018-13471 | 1 Beyondcash | 1 Beyondcashtoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13467 | 1 Epnex | 1 Epiphanycoin | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13478 | 1 Airbridge | 1 Dmptoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13481 | 1 Triumland | 1 Triumland | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13533 | 1 Aluxdigital | 1 Aluxtoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13477 | 1 Cte | 1 Ctesale | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||