Total
2461 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8354 | 3 Canonical, Debian, Sound Exchange Project | 3 Ubuntu Linux, Debian Linux, Sound Exchange | 2024-06-18 | 4.3 MEDIUM | 5.0 MEDIUM |
| An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow. | |||||
| CVE-2022-22976 | 3 Netapp, Oracle, Vmware | 3 Active Iq Unified Manager, Financial Services Crime And Compliance Management Studio, Spring Security | 2024-06-13 | 4.3 MEDIUM | 5.3 MEDIUM |
| Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE. | |||||
| CVE-2024-36121 | 1 Netty | 1 Netty-incubator-codec-ohttp | 2024-06-11 | N/A | 9.1 CRITICAL |
| netty-incubator-codec-ohttp is the OHTTP implementation for netty. BoringSSLAEADContext keeps track of how many OHTTP responses have been sent and uses this sequence number to calculate the appropriate nonce to use with the encryption algorithm. Unfortunately, two separate errors combine which would allow an attacker to cause the sequence number to overflow and thus the nonce to repeat. | |||||
| CVE-2023-47212 | 2024-06-10 | N/A | 9.8 CRITICAL | ||
| A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-45681 | 1 Nothings | 1 Stb Vorbis.c | 2024-06-10 | N/A | 7.8 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution. | |||||
| CVE-2021-3520 | 4 Lz4 Project, Netapp, Oracle and 1 more | 7 Lz4, Active Iq Unified Manager, Cloud Backup and 4 more | 2024-06-06 | 7.5 HIGH | 9.8 CRITICAL |
| There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well. | |||||
| CVE-2024-29997 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-05-23 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30000 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-05-23 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-29999 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-05-23 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30003 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-05-23 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30001 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-05-23 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30004 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-05-23 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30005 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-05-23 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2021-4327 | 1 Serenityos | 1 Serenityos | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as f6c6047e49f1517778f5565681fb64750b14bf60. It is recommended to apply a patch to fix this issue. VDB-222074 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-21905 | 2024-04-26 | N/A | N/A | ||
| An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2022-33282 | 1 Qualcomm | 40 Msm8996au, Msm8996au Firmware, Qam8295p and 37 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. | |||||
| CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | |||||
| CVE-2022-33248 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | |||||
| CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | |||||
| CVE-2022-33296 | 1 Qualcomm | 228 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 225 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | |||||