Total
2446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-35989 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | |||||
| CVE-2023-35128 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | |||||
| CVE-2023-35057 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | |||||
| CVE-2023-35004 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | |||||
| CVE-2023-32650 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | |||||
| CVE-2024-21812 | 2024-04-02 | N/A | 9.8 CRITICAL | ||
| An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-31630 | 1 Php | 1 Php | 2024-04-02 | N/A | 7.1 HIGH |
| In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information. | |||||
| CVE-2024-3077 | 2024-03-29 | N/A | 6.8 MEDIUM | ||
| An malicious BLE device can crash BLE victim device by sending malformed gatt packet | |||||
| CVE-2024-1580 | 2024-03-27 | N/A | 5.9 MEDIUM | ||
| An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d. | |||||
| CVE-2020-14155 | 6 Apple, Gitlab, Netapp and 3 more | 20 Macos, Gitlab, Active Iq Unified Manager and 17 more | 2024-03-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | |||||
| CVE-2023-6780 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2024-03-26 | N/A | 5.3 MEDIUM |
| An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer. | |||||
| CVE-2023-26242 | 1 Linux | 1 Linux Kernel | 2024-03-25 | N/A | 7.8 HIGH |
| afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. | |||||
| CVE-2023-23559 | 3 Debian, Linux, Netapp | 3 Debian Linux, Linux Kernel, Hci Baseboard Management Controller | 2024-03-25 | N/A | 7.8 HIGH |
| In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. | |||||
| CVE-2024-1916 | 2024-03-15 | N/A | 9.8 CRITICAL | ||
| Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. | |||||
| CVE-2024-1917 | 2024-03-15 | N/A | 9.8 CRITICAL | ||
| Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. | |||||
| CVE-2024-0803 | 2024-03-15 | N/A | 9.8 CRITICAL | ||
| Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. | |||||
| CVE-2022-25147 | 1 Apache | 1 Portable Runtime Utility | 2024-03-15 | N/A | 6.5 MEDIUM |
| Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. | |||||
| CVE-2023-48409 | 1 Google | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-36328 | 2 Fedoraproject, Libtom | 2 Fedora, Libtommath | 2024-03-07 | N/A | 9.8 CRITICAL |
| Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). | |||||
| CVE-2024-27304 | 2024-03-06 | N/A | 9.8 CRITICAL | ||
| pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size. | |||||