Total
3243 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-36618 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 6.2 Medium |
| FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition. | ||||
| CVE-2024-36616 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 6.5 Medium |
| An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file. | ||||
| CVE-2024-35366 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 9.1 Critical |
| FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. | ||||
| CVE-2024-36613 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 6.2 Medium |
| FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior. | ||||
| CVE-2023-47994 | 1 Freeimage Project | 1 Freeimage | 2025-06-03 | 8.8 High |
| An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. | ||||
| CVE-2023-28185 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-03 | 5.5 Medium |
| An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to cause a denial-of-service. | ||||
| CVE-2023-35057 | 1 Tonybybell | 1 Gtkwave | 2025-06-03 | 7.8 High |
| An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-38618 | 1 Tonybybell | 1 Gtkwave | 2025-06-03 | 7.8 High |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array. | ||||
| CVE-2023-38623 | 1 Tonybybell | 1 Gtkwave | 2025-06-03 | 7.8 High |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `vindex_offset` array. | ||||
| CVE-2023-35128 | 1 Tonybybell | 1 Gtkwave | 2025-06-03 | 7 High |
| An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2024-20698 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-06-03 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-49262 | 1 Hongdian | 2 H8951-4g-esp, H8951-4g-esp Firmware | 2025-06-03 | 9.8 Critical |
| The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. | ||||
| CVE-2025-1235 | 2025-06-02 | 4.3 Medium | ||
| A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970. | ||||
| CVE-2020-12762 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2025-05-30 | 7.8 High |
| json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. | ||||
| CVE-2022-26775 | 1 Apple | 2 Mac Os X, Macos | 2025-05-30 | 9.8 Critical |
| An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution. | ||||
| CVE-2024-22211 | 2 Freerdp, Redhat | 2 Freerdp, Enterprise Linux | 2025-05-30 | 3.7 Low |
| FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability. | ||||
| CVE-2023-52389 | 1 Pocoproject | 1 Poco | 2025-05-29 | 9.8 Critical |
| UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in 1.11.8p2, 1.12.5p2, and 1.13.0. | ||||
| CVE-2024-23775 | 1 Arm | 1 Mbed Tls | 2025-05-29 | 7.5 High |
| Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension(). | ||||
| CVE-2023-40548 | 2 Fedoraproject, Redhat | 7 Fedora, Enterprise Linux, Rhel Aus and 4 more | 2025-05-29 | 7.4 High |
| A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase. | ||||
| CVE-2025-31221 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-05-27 | 7.5 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may be able to leak memory. | ||||