Total
2446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22422 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting. | |||||
| CVE-2021-22418 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting. | |||||
| CVE-2018-18438 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2021-08-04 | 2.1 LOW | 5.5 MEDIUM |
| Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. | |||||
| CVE-2018-17963 | 4 Canonical, Debian, Qemu and 1 more | 6 Ubuntu Linux, Debian Linux, Qemu and 3 more | 2021-08-04 | 7.5 HIGH | 9.8 CRITICAL |
| qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | |||||
| CVE-2018-11219 | 4 Debian, Oracle, Redhat and 1 more | 4 Debian Linux, Communications Operations Monitor, Openstack and 1 more | 2021-08-04 | 7.5 HIGH | 9.8 CRITICAL |
| An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. | |||||
| CVE-2018-20506 | 4 Apple, Microsoft, Opensuse and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2021-07-31 | 6.8 MEDIUM | 8.1 HIGH |
| SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346. | |||||
| CVE-2020-19490 | 1 Tinyexr Project | 1 Tinyexr | 2021-07-31 | 4.3 MEDIUM | 5.5 MEDIUM |
| tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | |||||
| CVE-2020-19497 | 1 Matio Project | 1 Matio | 2021-07-30 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts. | |||||
| CVE-2020-14147 | 4 Debian, Oracle, Redislabs and 1 more | 4 Debian Linux, Communications Operations Monitor, Redis and 1 more | 2021-07-30 | 4.0 MEDIUM | 7.7 HIGH |
| An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression. | |||||
| CVE-2021-32714 | 1 Hyper | 1 Hyper | 2021-07-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a flaw that could trigger an integer overflow when decoding chunk sizes that are too big. This allows possible data loss, or if combined with an upstream HTTP proxy that allows chunk sizes larger than hyper does, can result in "request smuggling" or "desync attacks." The vulnerability is patched in version 0.14.10. Two possible workarounds exist. One may reject requests manually that contain a `Transfer-Encoding` header or ensure any upstream proxy rejects `Transfer-Encoding` chunk sizes greater than what fits in 64-bit unsigned integers. | |||||
| CVE-2019-2297 | 1 Qualcomm | 60 Apq8009, Apq8009 Firmware, Apq8017 and 57 more | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150 | |||||
| CVE-2019-13995 | 1 Qualcomm | 130 Apq8009, Apq8009 Firmware, Apq8017 and 127 more | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | |||||
| CVE-2020-11205 | 1 Qualcomm | 28 Qsm8350, Qsm8350 Firmware, Sa6145p and 25 more | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR2130P | |||||
| CVE-2020-25574 | 1 Hyper | 1 Http | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop). | |||||
| CVE-2020-17443 | 1 Altran | 1 Picotcp | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the size of the ICMPv6 echo replies has an integer wrap around, leading to memory corruption and, eventually, Denial-of-Service in pico_icmp6_send_echoreply_not_frag in pico_icmp6.c. | |||||
| CVE-2020-0167 | 1 Google | 1 Android | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In load of ResourceTypes.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-129475100 | |||||
| CVE-2020-0128 | 1 Google | 1 Android | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123940919 | |||||
| CVE-2020-1281 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. | |||||
| CVE-2020-11939 | 1 Ntop | 1 Ndpi | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis. | |||||
| CVE-2020-28248 | 1 Png-img Project | 1 Png-img | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow in the PngImg::InitStorage_() function of png-img before 3.1.0 leads to an under-allocation of heap memory and subsequently an exploitable heap-based buffer overflow when loading a crafted PNG file. | |||||