Total
251 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10268 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23. | |||||
| CVE-2017-8911 | 1 Tnef Project | 1 Tnef | 2017-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. | |||||
| CVE-2016-2316 | 2 Digium, Fedoraproject | 3 Asterisk, Certified Asterisk, Fedora | 2017-11-04 | 7.1 HIGH | 5.9 MEDIUM |
| chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values. | |||||
| CVE-2016-10166 | 1 Libgd | 1 Libgd | 2017-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. | |||||
| CVE-2017-15874 | 1 Busybox | 1 Busybox | 2017-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
| archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. | |||||
| CVE-2017-14796 | 1 Libbpg Project | 1 Libbpg | 2017-09-30 | 6.8 MEDIUM | 8.8 HIGH |
| The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in hevc_filter.c in libavcodec in FFmpeg and sao_filter_CTB in hevc_filter.c in libavcodec in FFmpeg. | |||||
| CVE-2017-13666 | 1 Multicorewareinc | 1 X265 | 2017-09-07 | 2.1 LOW | 5.5 MEDIUM |
| An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can cause an integer underflow, which leads to a crash. This is a different vulnerability than CVE-2017-8906. | |||||
| CVE-2015-2311 | 1 Capnproto | 1 Capnproto | 2017-08-17 | 7.5 HIGH | 9.8 CRITICAL |
| Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message. | |||||
| CVE-2017-3034 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-7367 | 1 Google | 1 Android | 2017-07-08 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image. | |||||
| CVE-2014-9883 | 1 Google | 1 Android | 2016-11-28 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28769912 and Qualcomm internal bug CR565160. | |||||