Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-190
Total 2006 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8995 1 Google 1 Android 2017-07-10 9.3 HIGH 7.8 HIGH
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2015-8998 1 Google 1 Android 2017-07-10 9.3 HIGH 7.8 HIGH
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2014-9935 1 Google 1 Android 2017-07-10 9.3 HIGH 7.8 HIGH
In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVE-2014-9932 1 Google 1 Android 2017-07-10 9.3 HIGH 7.8 HIGH
In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation.
CVE-2017-3011 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more 2017-07-10 9.3 HIGH 7.8 HIGH
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution.
CVE-2017-4913 1 Vmware 2 Horizon View, Workstation 2017-07-10 6.9 MEDIUM 7.8 HIGH
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.
CVE-2016-10239 1 Google 1 Android 2017-07-10 9.3 HIGH 7.8 HIGH
In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur.
CVE-2014-9964 1 Google 1 Android 2017-07-07 9.3 HIGH 7.8 HIGH
In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.
CVE-2016-7947 2 Fedoraproject, X.org 2 Fedora, Libxrandr 2017-06-30 7.5 HIGH 9.8 CRITICAL
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
CVE-2016-9189 2 Debian, Python 2 Debian Linux, Pillow 2017-06-30 4.3 MEDIUM 5.5 MEDIUM
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.
CVE-2016-7944 2 Fedoraproject, X.org 2 Fedora, Libxfixes 2017-06-30 7.5 HIGH 9.8 CRITICAL
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
CVE-2016-7133 1 Php 1 Php 2017-06-30 6.8 MEDIUM 8.1 HIGH
Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname.
CVE-2016-9426 1 W3m Project 1 W3m 2017-06-30 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a crafted HTML page.
CVE-2016-7945 2 Fedoraproject, X.org 2 Fedora, Libxi 2017-06-30 5.0 MEDIUM 7.5 HIGH
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
CVE-2016-5138 1 Google 1 Chrome 2017-06-30 6.8 MEDIUM 8.8 HIGH
Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffer overflow and use-after-free) by leveraging an unrestricted multiplication.
CVE-2016-2326 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2017-06-30 6.8 MEDIUM 8.8 HIGH
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
CVE-2014-9944 1 Google 1 Android 2017-06-09 9.3 HIGH 7.8 HIGH
In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
CVE-2017-8782 1 Libming 1 Libming 2017-06-09 4.3 MEDIUM 6.5 MEDIUM
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error.
CVE-2015-9005 1 Google 1 Android 2017-06-08 9.3 HIGH 7.8 HIGH
In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
CVE-2017-9187 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7.