Total
2461 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2062 | 2 Google, Linux | 5 Nexus 5x, Nexus 5x Firmware, Nexus 6p and 2 more | 2020-08-03 | 4.6 MEDIUM | 7.8 HIGH |
| The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call. | |||||
| CVE-2010-3729 | 1 Google | 1 Chrome | 2020-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-4202 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font. | |||||
| CVE-2016-2068 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-07-31 | 6.8 MEDIUM | 7.8 HIGH |
| The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609. | |||||
| CVE-2018-13347 | 1 Mercurial | 1 Mercurial | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002. | |||||
| CVE-2020-10929 | 1 Netgear | 2 R6700, R6700 Firmware | 2020-07-30 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-9768. | |||||
| CVE-2018-9838 | 1 Ocaml | 1 Ocaml | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. | |||||
| CVE-2016-8859 | 1 Etalabs | 1 Musl | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write. | |||||
| CVE-2018-21009 | 1 Freedesktop | 1 Poppler | 2020-07-23 | 6.8 MEDIUM | 8.8 HIGH |
| Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. | |||||
| CVE-2020-0545 | 1 Intel | 3 Converged Security Management Engine Firmware, Server Platform Services, Trusted Execution Engine | 2020-07-22 | 2.1 LOW | 4.4 MEDIUM |
| Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-11904 | 1 Treck | 1 Tcp\/ip | 2020-07-22 | 7.5 HIGH | 7.3 HIGH |
| The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. | |||||
| CVE-2018-13471 | 1 Beyondcash | 1 Beyondcashtoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13467 | 1 Epnex | 1 Epiphanycoin | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13478 | 1 Airbridge | 1 Dmptoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13481 | 1 Triumland | 1 Triumland | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13533 | 1 Aluxdigital | 1 Aluxtoken | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13477 | 1 Cte | 1 Ctesale | 2020-07-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-10316 | 1 Nasm | 1 Netwide Assembler | 2020-07-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. | |||||
| CVE-2018-12371 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-07-13 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61. | |||||
| CVE-2016-5735 | 1 Pngquant | 1 Pngquant | 2020-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. | |||||