Total
3257 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1026 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2025-04-09 | N/A |
| Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow. | ||||
| CVE-2006-4519 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. | ||||
| CVE-2008-4226 | 2 Redhat, Xmlsoft | 2 Enterprise Linux, Libxml | 2025-04-09 | N/A |
| Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||||
| CVE-2007-2834 | 5 Apache, Canonical, Debian and 2 more | 6 Openoffice, Ubuntu Linux, Debian Linux and 3 more | 2025-04-09 | N/A |
| Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow. | ||||
| CVE-2009-1385 | 3 Intel, Linux, Redhat | 6 E1000, Kernel, Linux Kernel and 3 more | 2025-04-09 | N/A |
| Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. | ||||
| CVE-2009-0723 | 5 Gimp, Littlecms, Mozilla and 2 more | 5 Gimp, Little Cms, Firefox and 2 more | 2025-04-09 | N/A |
| Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2688 | 1 Xemacs | 1 Xemacs | 2025-04-09 | N/A |
| Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4225 | 2 Redhat, Xmlsoft | 2 Enterprise Linux, Libxml | 2025-04-09 | N/A |
| Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document. | ||||
| CVE-2022-3515 | 3 Gnupg, Gpg4win, Redhat | 10 Gnupg, Libksba, Vs-desktop and 7 more | 2025-04-08 | 9.8 Critical |
| A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. | ||||
| CVE-2023-29364 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-08 | 7 High |
| Windows Authentication Elevation of Privilege Vulnerability | ||||
| CVE-2023-22895 | 1 Bzip2 Project | 1 Bzip2 | 2025-04-07 | 7.5 High |
| The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product. | ||||
| CVE-2022-1812 | 1 Publify Project | 1 Publify | 2025-04-07 | 9.8 Critical |
| Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2024-36336 | 2025-04-07 | 7.9 High | ||
| Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. | ||||
| CVE-2024-36337 | 2025-04-07 | 7.9 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. | ||||
| CVE-2024-36328 | 2025-04-07 | 7.3 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. | ||||
| CVE-2023-23144 | 1 Gpac | 1 Gpac | 2025-04-03 | 5.5 Medium |
| Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master. | ||||
| CVE-2022-38725 | 1 Oneidentity | 2 Syslog-ng, Syslog-ng Store Box | 2025-04-03 | 7.5 High |
| An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. | ||||
| CVE-2002-0639 | 1 Openbsd | 1 Openssh | 2025-04-03 | 9.8 Critical |
| Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. | ||||
| CVE-2006-3467 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861. | ||||
| CVE-2006-3198 | 1 Opera | 1 Opera Browser | 2025-04-03 | N/A |
| Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. | ||||