Total
2446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11894 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW. | |||||
| CVE-2019-0689 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-04-09 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694. | |||||
| CVE-2019-0692 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-04-09 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0693, CVE-2019-0694. | |||||
| CVE-2019-0693 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-04-09 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0694. | |||||
| CVE-2019-0694 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-04-09 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0693. | |||||
| CVE-2019-0682 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-04-09 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694. | |||||
| CVE-2018-13226 | 1 Ylctoken Project | 1 Ylctoken | 2019-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| The sell function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. | |||||
| CVE-2018-10244 | 1 Suricata-ids | 1 Suricata | 2019-04-07 | 7.5 HIGH | 9.8 CRITICAL |
| Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check. | |||||
| CVE-2019-6250 | 2 Debian, Zeromq | 2 Debian Linux, Libzmq | 2019-04-03 | 9.0 HIGH | 8.8 HIGH |
| A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is not necessary to use a typical buffer-overflow exploitation technique that changes the flow of control). | |||||
| CVE-2018-12896 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-04-03 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. | |||||
| CVE-2018-11879 | 1 Qualcomm | 2 Sd 845, Sd 845 Firmware | 2019-04-03 | 7.2 HIGH | 7.8 HIGH |
| When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845 | |||||
| CVE-2016-9082 | 1 Cairographics | 1 Cairo | 2019-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file. | |||||
| CVE-2019-7251 | 1 Digium | 1 Asterisk | 2019-04-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation. | |||||
| CVE-2016-1753 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-25 | 9.3 HIGH | 7.8 HIGH |
| Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2018-17100 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2019-03-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. | |||||
| CVE-2018-1000098 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2019-03-20 | 5.0 MEDIUM | 7.5 HIGH |
| Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2. | |||||
| CVE-2017-5208 | 3 Debian, Icoutils Project, Redhat | 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more | 2019-03-20 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code. | |||||
| CVE-2018-17882 | 1 Cryptobots | 1 Battletoken | 2019-03-18 | 5.0 MEDIUM | 7.5 HIGH |
| An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user. | |||||
| CVE-2017-6308 | 2 Debian, Tnef Project | 2 Debian Linux, Tnef | 2019-03-13 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation. | |||||
| CVE-2017-9776 | 3 Debian, Freedesktop, Redhat | 8 Debian Linux, Poppler, Enterprise Linux Desktop and 5 more | 2019-03-12 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | |||||