Total
2461 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7437 | 1 Icoasoft | 1 Potrace | 2023-12-21 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service (crash) via large dimensions in a BMP image, which triggers a buffer overflow. | |||||
| CVE-2023-4734 | 2 Apple, Vim | 2 Macos, Vim | 2023-12-21 | N/A | 7.8 HIGH |
| Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. | |||||
| CVE-2023-42562 | 1 Samsung | 1 Android | 2023-12-08 | N/A | 7.8 HIGH |
| Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow. | |||||
| CVE-2023-42563 | 1 Samsung | 1 Android | 2023-12-08 | N/A | 7.8 HIGH |
| Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow. | |||||
| CVE-2015-8751 | 1 Jasper Project | 1 Jasper | 2023-12-05 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation. | |||||
| CVE-2023-4398 | 1 Zyxel | 20 Atp100, Atp100w, Atp200 and 17 more | 2023-12-04 | N/A | 7.5 HIGH |
| An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet. | |||||
| CVE-2021-27429 | 1 Ti | 14 Cc3200, Cc3220r, Cc3220s and 11 more | 2023-12-01 | N/A | 7.8 HIGH |
| Texas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values. This can trigger an integer overflow vulnerability in 'HeapTrack_alloc' and result in code execution. | |||||
| CVE-2021-22636 | 1 Ti | 14 Cc3200, Cc3220r, Cc3220s and 11 more | 2023-12-01 | N/A | 7.8 HIGH |
| Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. | |||||
| CVE-2021-27502 | 1 Ti | 14 Cc3200, Cc3220r, Cc3220s and 11 more | 2023-12-01 | N/A | 7.8 HIGH |
| Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. | |||||
| CVE-2021-27504 | 2 Amazon, Ti | 6 Freertos, Simplelink Cc13xx Software Development Kit, Simplelink Cc26xx Software Development Kit and 3 more | 2023-12-01 | N/A | 7.8 HIGH |
| Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution. | |||||
| CVE-2023-42752 | 1 Linux | 1 Linux Kernel | 2023-11-29 | N/A | 5.5 MEDIUM |
| An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers. | |||||
| CVE-2021-31873 | 2 Debian, Klibc Project | 2 Debian Linux, Klibc | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow. | |||||
| CVE-2023-38560 | 1 Artifex | 1 Ghostscript | 2023-11-07 | N/A | 5.5 MEDIUM |
| An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. | |||||
| CVE-2023-25662 | 1 Google | 1 Tensorflow | 2023-11-07 | N/A | 7.5 HIGH |
| TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. | |||||
| CVE-2023-25667 | 1 Google | 1 Tensorflow | 2023-11-07 | N/A | 7.5 HIGH |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. | |||||
| CVE-2023-22443 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2023-11-07 | N/A | 5.5 MEDIUM |
| Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. | |||||
| CVE-2023-0754 | 3 Ge, Ptc, Rockwellautomation | 9 Digital Industrial Gateway Server, Kepware Server, Kepware Serverex and 6 more | 2023-11-07 | N/A | 9.8 CRITICAL |
| The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code. | |||||
| CVE-2022-39343 | 1 Microsoft | 1 Azure Rtos Filex | 2023-11-07 | N/A | 7.8 HIGH |
| Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function an attempt to recover the previous failed write operation is taken by call of `_fx_fault_tolerant_apply_logs`. This function iterates through the log entries and performs required recovery operations. When properly crafted a log including entries of type `FX_FAULT_TOLERANT_DIR_LOG_TYPE` may be utilized to introduce unexpected behavior. This issue has been patched in version 6.2.0. A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA. | |||||
| CVE-2022-38784 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Poppler | 2023-11-07 | N/A | 7.8 HIGH |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | |||||
| CVE-2022-38216 | 1 Mapbox | 1 Maps Software Development Kit | 2023-11-07 | N/A | 7.5 HIGH |
| An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process. | |||||