Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10316 | 1 Nasm | 1 Netwide Assembler | 2020-07-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. | |||||
| CVE-2018-12371 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-07-12 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61. | |||||
| CVE-2020-13822 | 1 Elliptic Project | 1 Elliptic | 2020-07-02 | 6.8 MEDIUM | 7.7 HIGH |
| The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature. | |||||
| CVE-2016-5735 | 1 Pngquant | 1 Pngquant | 2020-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. | |||||
| CVE-2019-14094 | 1 Qualcomm | 128 Apq8009, Apq8009 Firmware, Apq8053 and 125 more | 2020-06-25 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | |||||
| CVE-2004-0657 | 2 Hp, Ntp | 2 Tru64 Unix, Ntp | 2020-06-18 | 5.0 MEDIUM | N/A |
| Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. | |||||
| CVE-2020-10063 | 1 Zephyrproject | 1 Zephyr | 2020-06-12 | 5.0 MEDIUM | 7.5 HIGH |
| A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to cause a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions. | |||||
| CVE-2020-9841 | 1 Apple | 1 Mac Os X | 2020-06-09 | 9.3 HIGH | 7.8 HIGH |
| An integer overflow was addressed through improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-10067 | 1 Zephyrproject | 1 Zephyr | 2020-06-05 | 7.2 HIGH | 7.8 HIGH |
| A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execution within the kernel. See NCC-ZEP-005 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions. | |||||
| CVE-2011-1121 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-06-04 | 7.5 HIGH | N/A |
| Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | |||||
| CVE-2018-13508 | 1 Vicetoken | 1 Vittoken | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for VITToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2019-14066 | 1 Qualcomm | 28 Kamorta, Kamorta Firmware, Mdm9205 and 25 more | 2020-06-03 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130 | |||||
| CVE-2018-13581 | 1 Travelcoins | 1 Travelcointoken | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13504 | 1 Immcoin | 1 Immcoin | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2020-3641 | 1 Qualcomm | 76 Apq8009, Apq8009 Firmware, Apq8053 and 73 more | 2020-06-03 | 10.0 HIGH | 9.8 CRITICAL |
| Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130 | |||||
| CVE-2019-20805 | 1 Upx Project | 1 Upx | 2020-06-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment. | |||||
| CVE-2015-5707 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2020-06-02 | 4.6 MEDIUM | N/A |
| Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | |||||
| CVE-2020-11869 | 1 Qemu | 1 Qemu | 2020-05-28 | 2.1 LOW | 3.3 LOW |
| An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service. | |||||
| CVE-2011-1437 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering. | |||||
| CVE-2011-1800 | 1 Google | 1 Chrome | 2020-05-22 | 7.5 HIGH | N/A |
| Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||