Export limit exceeded: 363855 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32975 | 1 Envoyproxy | 1 Envoy | 2024-11-21 | 5.9 Medium |
| Envoy is a cloud-native, open source edge and service proxy. There is a crash at `QuicheDataReader::PeekVarInt62Length()`. It is caused by integer underflow in the `QuicStreamSequencerBuffer::PeekRegion()` implementation. | ||||
| CVE-2024-32913 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-32668 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 8.2 High |
| An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. | ||||
| CVE-2024-29784 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-23372 | 1 Qualcomm | 225 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 222 more | 2024-11-21 | 8.4 High |
| Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size. | ||||
| CVE-2024-21851 | 1 Openatom | 1 Openharmony | 2024-11-21 | 2.9 Low |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow. | ||||
| CVE-2024-21845 | 1 Openatom | 1 Openharmony | 2024-11-21 | 2.9 Low |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow. | ||||
| CVE-2024-21631 | 1 Vapor | 1 Vapor | 2024-11-21 | 6.5 Medium |
| Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs. This vulnerability does not affect Vapor directly but could impact applications relying on the URI type for validating user input. The URI type is used in several places in Vapor. A developer may decide to use URI to represent a URL in their application (especially if that URL is then passed to the HTTP Client) and rely on its public properties and methods. However, URI may fail to properly parse a valid (albeit abnormally long) URL, due to string ranges being converted to 16-bit integers. An attacker may use this behavior to trick the application into accepting a URL to an untrusted destination. By padding the port number with zeros, an attacker can cause an integer overflow to occur when the URL authority is parsed and, as a result, spoof the host. Version 4.90.0 contains a patch for this issue. As a workaround, validate user input before parsing as a URI or, if possible, use Foundation's `URL` and `URLComponents` utilities. | ||||
| CVE-2024-21466 | 1 Qualcomm | 128 Fastconnect 7800, Fastconnect 7800 Firmware, Immersive Home 3210 Platform and 125 more | 2024-11-21 | 6.5 Medium |
| Information disclosure while parsing sub-IE length during new IE generation. | ||||
| CVE-2024-20016 | 2 Google, Mediatek | 35 Android, Mt6735, Mt6737 and 32 more | 2024-11-21 | 4.4 Medium |
| In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901. | ||||
| CVE-2023-4949 | 2 Gnu, Xen | 2 Grub, Xen | 2024-11-21 | 8.1 High |
| An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation. | ||||
| CVE-2023-4722 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4424 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 8.3 High |
| An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. | ||||
| CVE-2023-4398 | 1 Zyxel | 25 Atp100, Atp100w, Atp200 and 22 more | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet. | ||||
| CVE-2023-48409 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-46853 | 1 Memcached | 1 Memcached | 2024-11-21 | 9.8 Critical |
| In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. | ||||
| CVE-2023-46247 | 1 Vyperlang | 1 Vyper | 2024-11-21 | 7.5 High |
| Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Contracts containing large arrays might underallocate the number of slots they need by 1. Prior to v0.3.8, the calculation to determine how many slots a storage variable needed used `math.ceil(type_.size_in_bytes / 32)`. The intermediate floating point step can produce a rounding error if there are enough bits set in the IEEE-754 mantissa. Roughly speaking, if `type_.size_in_bytes` is large (> 2**46), and slightly less than a power of 2, the calculation can overestimate how many slots are needed by 1. If `type_.size_in_bytes` is slightly more than a power of 2, the calculation can underestimate how many slots are needed by 1. This issue is patched in version 0.3.8. | ||||
| CVE-2023-46228 | 1 Zchunk | 1 Zchunk | 2024-11-21 | 7.8 High |
| zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c. | ||||
| CVE-2023-44709 | 1 Sammycage | 1 Plutosvg | 2024-11-21 | 9.8 Critical |
| PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory. | ||||
| CVE-2023-44378 | 1 Consensys | 1 Gnark | 2024-11-21 | 7.1 High |
| gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of `a`, for small values there exists a second decomposition for `a+r` (where `r` is the modulus the values are being reduced by). The second decomposition was possible due to overflowing the field where the values are defined. Upgrading to version 0.9.0 should fix the issue without needing to change the calls to value comparison methods. | ||||