Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17409 | 1 Bitdefender | 1 Internet Security 2018 | 2019-10-09 | 9.3 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within emulator 0x10A in cevakrnl.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-5102. | |||||
| CVE-2017-17408 | 1 Bitdefender | 1 Internet Security 2018 | 2019-10-09 | 9.3 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within cevakrnl.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-5101. | |||||
| CVE-2017-12177 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12179 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-10954 | 1 Bitdefender | 1 Internet Security 2018 | 2019-10-09 | 9.3 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security Internet Security 2018 prior to build 7.72918. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within pdf.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-4361. | |||||
| CVE-2016-8620 | 1 Haxx | 1 Curl | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | |||||
| CVE-2016-2120 | 2 Debian, Powerdns | 2 Debian Linux, Authoritative | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to an integer overflow when checking if the content of the record matches the expected size, allowing an attacker to cause a read past the buffer boundary. | |||||
| CVE-2015-5297 | 1 Pixman | 1 Pixman | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code. | |||||
| CVE-2019-16508 | 1 Google | 1 Chrome Os | 2019-10-08 | 9.3 HIGH | 7.8 HIGH |
| The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVRSRVBridgeSyncPrimOpCreate. | |||||
| CVE-2018-13709 | 1 Diytubecoin Project | 1 Diytubecoin | 2019-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Tube, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13699 | 1 Destineedtoken Project | 1 Destineedtoken | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13670 | 1 Gfcoin | 1 Gfcb | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for GFCB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13169 | 1 Ethereum Cash Pro Coin Project | 1 Ethereum Cash Pro Coin | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Ethereum Cash Pro (ECP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13170 | 1 Snoqualmiecoin Project | 1 Snoqualmiecoin | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Snoqualmie Coin (SNOW), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13181 | 1 Cointroops Project | 1 Cointroops | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Troo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13176 | 1 Trustzen Project | 1 Trustzen | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Trust Zen Token (ZEN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13177 | 1 Miningrigrentalstoken Project | 1 Miningrigrentalstoken | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for MiningRigRentals Token (MRR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13179 | 1 Aircontacttoken Project | 1 Aircontacttoken | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for Air-Contact Token (AIR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13180 | 1 Immcoin Project | 1 Immcoin | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for IMM Coin (IMC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13194 | 1 Ttcoin Project | 1 Ttcoin | 2019-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for TongTong Coin (TTCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||