Total
3389 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4309 | 2 Net-snmp, Redhat | 2 Net-snmp, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||||
| CVE-2009-0200 | 2 Openoffice, Redhat | 2 Openoffice.org, Enterprise Linux | 2025-04-09 | N/A |
| Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. | ||||
| CVE-2007-2223 | 1 Microsoft | 11 Expression Web, Office, Office Compatibility Pack and 8 more | 2025-04-09 | N/A |
| Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow. | ||||
| CVE-2009-0723 | 5 Gimp, Littlecms, Mozilla and 2 more | 5 Gimp, Little Cms, Firefox and 2 more | 2025-04-09 | N/A |
| Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0586 | 3 Canonical, Gstreamer Project, Redhat | 3 Ubuntu Linux, Gstreamer, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-2826 | 5 Canonical, Debian, Linux and 2 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2025-04-09 | N/A |
| Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure. | ||||
| CVE-2008-1374 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888. | ||||
| CVE-2008-2376 | 2 Redhat, Ruby-lang | 3 Enterprise Linux, Fedora 8, Ruby | 2025-04-09 | N/A |
| Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows. | ||||
| CVE-2007-4769 | 3 Postgresql, Redhat, Tcl Tk | 4 Postgresql, Enterprise Linux, Rhel Application Stack and 1 more | 2025-04-09 | N/A |
| The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number. | ||||
| CVE-2007-4986 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow. | ||||
| CVE-2022-3515 | 3 Gnupg, Gpg4win, Redhat | 10 Gnupg, Libksba, Vs-desktop and 7 more | 2025-04-08 | 9.8 Critical |
| A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. | ||||
| CVE-2023-29364 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-08 | 7 High |
| Windows Authentication Elevation of Privilege Vulnerability | ||||
| CVE-2023-22895 | 1 Bzip2 Project | 1 Bzip2 | 2025-04-07 | 7.5 High |
| The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product. | ||||
| CVE-2022-1812 | 1 Publify Project | 1 Publify | 2025-04-07 | 9.8 Critical |
| Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2024-36337 | 2025-04-07 | 7.9 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. | ||||
| CVE-2024-36336 | 2025-04-07 | 7.9 High | ||
| Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. | ||||
| CVE-2024-36328 | 2025-04-07 | 7.3 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. | ||||
| CVE-2023-23144 | 1 Gpac | 1 Gpac | 2025-04-03 | 5.5 Medium |
| Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master. | ||||
| CVE-2022-38725 | 1 Oneidentity | 2 Syslog-ng, Syslog-ng Store Box | 2025-04-03 | 7.5 High |
| An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. | ||||
| CVE-2006-3198 | 1 Opera | 1 Opera Browser | 2025-04-03 | N/A |
| Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. | ||||