Total
2219 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-2826 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-02-04 | 4.9 MEDIUM | N/A |
Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure. | |||||
CVE-2008-1679 | 1 Python | 1 Python | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965. | |||||
CVE-2008-1446 | 1 Microsoft | 4 Internet Information Services, Windows 2000, Windows Server 2003 and 1 more | 2024-02-04 | 9.0 HIGH | N/A |
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability." | |||||
CVE-2007-2223 | 1 Microsoft | 11 Expression Web, Office, Office Compatibility Pack and 8 more | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow. | |||||
CVE-2006-4519 | 1 Gimp | 1 Gimp | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. | |||||
CVE-2006-5937 | 1 Grisoft | 1 Avg Antivirus | 2024-02-04 | 7.5 HIGH | N/A |
Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-4965 | 1 Python | 1 Python | 2024-02-04 | 5.8 MEDIUM | N/A |
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows. | |||||
CVE-2007-3387 | 6 Apple, Canonical, Debian and 3 more | 6 Cups, Ubuntu Linux, Debian Linux and 3 more | 2024-02-04 | 6.8 MEDIUM | N/A |
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. | |||||
CVE-2007-2949 | 2 Canonical, Gimp | 2 Ubuntu Linux, Gimp | 2024-02-04 | 6.8 MEDIUM | N/A |
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. | |||||
CVE-2007-0221 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 7.8 HIGH | N/A |
Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability." | |||||
CVE-2007-2834 | 4 Apache, Canonical, Debian and 1 more | 5 Openoffice, Ubuntu Linux, Debian Linux and 2 more | 2024-02-04 | 9.3 HIGH | N/A |
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow. | |||||
CVE-2006-3198 | 1 Opera | 1 Opera Browser | 2024-02-04 | 7.5 HIGH | N/A |
Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. | |||||
CVE-2004-0657 | 2 Hp, Ntp | 2 Tru64 Unix, Ntp | 2024-02-04 | 5.0 MEDIUM | N/A |
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. | |||||
CVE-2004-0788 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2024-02-04 | 5.0 MEDIUM | N/A |
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file. | |||||
CVE-2022-26495 | 3 Debian, Fedoraproject, Network Block Device Project | 3 Debian Linux, Fedora, Network Block Device | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages. | |||||
CVE-2021-33631 | 1 Huawei | 1 Openeuler | 2024-02-03 | N/A | 7.8 HIGH |
Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0. | |||||
CVE-2022-0545 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-02-02 | 5.1 MEDIUM | 7.8 HIGH |
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. | |||||
CVE-2021-30860 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-02 | 6.8 MEDIUM | 7.8 HIGH |
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |||||
CVE-2019-1010006 | 4 Canonical, Debian, Gnome and 1 more | 4 Ubuntu Linux, Debian Linux, Evince and 1 more | 2024-02-02 | 6.8 MEDIUM | 7.8 HIGH |
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail. |