Export limit exceeded: 361516 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4862 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9765 | 1 Genivia | 1 Gsoap | 2025-04-20 | N/A |
| Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML document, aka Devil's Ivy. NOTE: the large document would be blocked by many common web-server configurations on general-purpose computers. | ||||
| CVE-2016-10251 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value. | ||||
| CVE-2016-8705 | 2 Memcached, Redhat | 3 Memcached, Enterprise Linux, Mobile Application Platform | 2025-04-20 | N/A |
| Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. | ||||
| CVE-2015-7852 | 5 Debian, Netapp, Ntp and 2 more | 15 Debian Linux, Clustered Data Ontap, Data Ontap and 12 more | 2025-04-20 | 5.9 Medium |
| ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. | ||||
| CVE-2016-8574 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). | ||||
| CVE-2016-8859 | 1 Etalabs | 1 Musl | 2025-04-20 | N/A |
| Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write. | ||||
| CVE-2017-16612 | 3 Canonical, Debian, X | 3 Ubuntu Linux, Debian Linux, Libxcursor | 2025-04-20 | N/A |
| libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0. | ||||
| CVE-2017-6009 | 3 Debian, Icoutils Project, Redhat | 9 Debian Linux, Icoutils, Enterprise Linux and 6 more | 2025-04-20 | N/A |
| An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool. | ||||
| CVE-2022-20516 | 1 Google | 1 Android | 2025-04-18 | 7.5 High |
| In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224002331 | ||||
| CVE-2022-20597 | 1 Google | 1 Android | 2025-04-18 | 7.8 High |
| In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N/A | ||||
| CVE-2022-20598 | 1 Google | 1 Android | 2025-04-18 | 7.8 High |
| In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A | ||||
| CVE-2022-47517 | 1 Drachtio | 1 Drachtio-server | 2025-04-17 | 7.5 High |
| An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that causes a url_canonize2 heap-based buffer over-read because of an off-by-one error. | ||||
| CVE-2021-32996 | 1 Fanuc | 18 R-30ia, R-30ia Firmware, R-30ia Mate and 15 more | 2025-04-17 | 7.5 High |
| The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required. | ||||
| CVE-2022-47629 | 3 Debian, Gnupg, Redhat | 9 Debian Linux, Libksba, Enterprise Linux and 6 more | 2025-04-16 | 9.8 Critical |
| Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. | ||||
| CVE-2021-27427 | 1 Riot-os | 1 Riot | 2025-04-16 | 7.3 High |
| RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | ||||
| CVE-2021-27417 | 1 Ecoscentric | 1 Ecospro | 2025-04-16 | 4.6 Medium |
| eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc (an implementation of malloc). The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow. | ||||
| CVE-2021-27411 | 1 Silabs | 1 Micrium Os | 2025-04-16 | 6.5 Medium |
| Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being allocated instead of very large ones. | ||||
| CVE-2021-27419 | 1 Uclibc-ng Project | 1 Uclibc-ng | 2025-04-16 | 7.3 High |
| uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | ||||
| CVE-2021-27425 | 1 Cesanta | 1 Mongoose Os | 2025-04-16 | 7.3 High |
| Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | ||||
| CVE-2021-27435 | 1 Arm | 1 Mbed | 2025-04-16 | 7.3 High |
| ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | ||||