Vulnerabilities (CVE)

Filtered by CWE-190
Total 2579 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17187 1 Huawei 12 Dp300, Dp300 Firmware, Rp200 and 9 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.
CVE-2017-17184 1 Huawei 12 Dp300, Dp300 Firmware, Rp200 and 9 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.
CVE-2017-17183 1 Huawei 12 Dp300, Dp300 Firmware, Rp200 and 9 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.
CVE-2017-17147 1 Huawei 2 Dp300, Dp300 Firmware 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks.
CVE-2017-17122 1 Gnu 1 Binutils 2024-11-21 6.8 MEDIUM 7.8 HIGH
The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.
CVE-2017-16832 1 Gnu 1 Binutils 2024-11-21 6.8 MEDIUM 7.8 HIGH
The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file.
CVE-2017-16831 1 Gnu 1 Binutils 2024-11-21 6.8 MEDIUM 7.8 HIGH
coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file.
CVE-2017-16830 1 Gnu 1 Binutils 2024-11-21 6.8 MEDIUM 7.8 HIGH
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file.
CVE-2017-16828 1 Gnu 1 Binutils 2024-11-21 6.8 MEDIUM 7.8 HIGH
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame.
CVE-2017-16797 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 7.8 HIGH
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file.
CVE-2017-16663 1 Sam2p Project 1 Sam2p 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely.
CVE-2017-16612 3 Canonical, Debian, X 3 Ubuntu Linux, Debian Linux, Libxcursor 2024-11-21 5.0 MEDIUM 7.5 HIGH
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.
CVE-2017-15873 3 Busybox, Canonical, Debian 3 Busybox, Ubuntu Linux, Debian Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
CVE-2017-15862 1 Google 1 Android 2024-11-21 7.2 HIGH 7.8 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow.
CVE-2017-15854 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2017-15836 1 Google 1 Android 2024-11-21 7.5 HIGH 7.3 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if the firmware sends a service ready event to the host with a large number in the num_hw_modes or num_phy, then it could result in an integer overflow which may potentially lead to a buffer overflow.
CVE-2017-15831 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_ndp_end_indication_event_handler(), there is no input validation check on a event_info value coming from firmware, which can cause an integer overflow and then leads to potential heap overwrite.
CVE-2017-15828 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow.
CVE-2017-15818 1 Google 1 Android 2024-11-21 7.2 HIGH 7.8 HIGH
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size.
CVE-2017-15587 1 Artifex 1 Mupdf 2024-11-21 6.8 MEDIUM 7.8 HIGH
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.