Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-191
Total 161 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-8768 4 Canonical, Opensuse, Oracle and 1 more 4 Ubuntu Linux, Opensuse, Solaris and 1 more 2018-10-30 5.0 MEDIUM N/A
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
CVE-2018-12230 1 Remicoin Project 1 Remicoin 2018-09-11 5.0 MEDIUM 7.5 HIGH
An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks.
CVE-2018-5865 1 Google 1 Android 2018-08-27 2.1 LOW 5.5 MEDIUM
While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur.
CVE-2018-12025 1 Futurxe 1 Futurxe 2018-08-06 5.0 MEDIUM 7.5 HIGH
The transferFrom function of a smart contract implementation for FuturXE (FXE), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized transfer of digital assets because of a logic error. The developer messed up with the boolean judgment - if the input value is smaller than or equal to allowed value, the transfer session would stop execution by returning false. This makes no sense, because the transferFrom() function should require the transferring value to not exceed the allowed value in the first place. Suppose this function asks for the allowed value to be smaller than the input. Then, the attacker could easily ignore the allowance: after this condition, the `allowed[from][msg.sender] -= value;` would cause an underflow because the allowed part is smaller than the value. The attacker could transfer any amount of FuturXe tokens of any accounts to an appointed account (the `_to` address) because the allowed value is initialized to 0, and the attacker could bypass this restriction even without the victim's private key.
CVE-2018-5850 1 Google 1 Android 2018-07-17 9.3 HIGH 7.8 HIGH
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2017-14496 6 Canonical, Debian, Google and 3 more 8 Ubuntu Linux, Debian Linux, Android and 5 more 2018-05-10 7.8 HIGH 7.5 HIGH
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
CVE-2015-9129 1 Qualcomm 50 Mdm9206, Mdm9206 Firmware, Mdm9650 and 47 more 2018-05-10 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs.
CVE-2015-9167 1 Qualcomm 36 Sd 410, Sd 410 Firmware, Sd 412 and 33 more 2018-05-09 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.
CVE-2015-9198 1 Qualcomm 70 Ipq4019, Ipq4019 Firmware, Mdm9206 and 67 more 2018-05-09 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory.
CVE-2016-10268 1 Libtiff 1 Libtiff 2018-03-21 6.8 MEDIUM 7.8 HIGH
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.
CVE-2015-1208 1 Ffmpeg 1 Ffmpeg 2018-01-30 4.3 MEDIUM 5.5 MEDIUM
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
CVE-2016-2316 2 Digium, Fedoraproject 3 Asterisk, Certified Asterisk, Fedora 2017-11-03 7.1 HIGH 5.9 MEDIUM
chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values.
CVE-2016-10166 1 Libgd 1 Libgd 2017-11-03 7.5 HIGH 9.8 CRITICAL
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
CVE-2017-8911 1 Tnef Project 1 Tnef 2017-11-03 7.5 HIGH 9.8 CRITICAL
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
CVE-2017-15874 1 Busybox 1 Busybox 2017-10-31 4.3 MEDIUM 5.5 MEDIUM
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
CVE-2017-14796 1 Libbpg Project 1 Libbpg 2017-09-30 6.8 MEDIUM 8.8 HIGH
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in hevc_filter.c in libavcodec in FFmpeg and sao_filter_CTB in hevc_filter.c in libavcodec in FFmpeg.
CVE-2017-13666 1 Multicorewareinc 1 X265 2017-09-07 2.1 LOW 5.5 MEDIUM
An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can cause an integer underflow, which leads to a crash. This is a different vulnerability than CVE-2017-8906.
CVE-2015-2311 1 Capnproto 1 Capnproto 2017-08-17 7.5 HIGH 9.8 CRITICAL
Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message.
CVE-2017-3034 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more 2017-07-10 9.3 HIGH 7.8 HIGH
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2017-7367 1 Google 1 Android 2017-07-07 9.3 HIGH 7.8 HIGH
In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.