Total
2759 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-5001 | 1 Gnu | 1 Pspp | 2025-06-17 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-49710 | 1 Mozilla | 1 Firefox | 2025-06-16 | N/A | 9.8 CRITICAL |
| An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4. | |||||
| CVE-2017-15873 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-06-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | |||||
| CVE-2013-7354 | 1 Libpng | 1 Libpng | 2025-06-09 | 5.0 MEDIUM | 6.5 MEDIUM |
| Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | |||||
| CVE-2013-7353 | 1 Libpng | 1 Libpng | 2025-06-09 | 5.0 MEDIUM | 6.5 MEDIUM |
| Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | |||||
| CVE-2011-3045 | 6 Debian, Fedoraproject, Google and 3 more | 13 Debian Linux, Fedora, Chrome and 10 more | 2025-06-09 | 6.8 MEDIUM | 8.8 HIGH |
| Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | |||||
| CVE-2021-38185 | 1 Gnu | 1 Cpio | 2025-06-09 | 6.8 MEDIUM | 7.8 HIGH |
| GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | |||||
| CVE-2025-48174 | 1 Aomedia | 1 Libavif | 2025-06-04 | N/A | 4.5 MEDIUM |
| In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. | |||||
| CVE-2024-23851 | 1 Linux | 1 Linux Kernel | 2025-06-04 | N/A | 5.5 MEDIUM |
| copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl. | |||||
| CVE-2025-47294 | 1 Fortinet | 1 Fortios | 2025-06-04 | N/A | 5.3 MEDIUM |
| A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request. | |||||
| CVE-2024-36617 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 6.2 MEDIUM |
| FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder. | |||||
| CVE-2024-35369 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 5.5 MEDIUM |
| In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in undefined behavior or crashes during the decoding process. | |||||
| CVE-2024-36619 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 5.3 MEDIUM |
| FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service (DoS) condition. | |||||
| CVE-2024-36618 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 6.2 MEDIUM |
| FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition. | |||||
| CVE-2024-36616 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 6.5 MEDIUM |
| An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file. | |||||
| CVE-2024-35366 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 9.1 CRITICAL |
| FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. | |||||
| CVE-2024-36613 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | N/A | 6.2 MEDIUM |
| FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior. | |||||
| CVE-2023-47994 | 1 Freeimage Project | 1 Freeimage | 2025-06-03 | N/A | 8.8 HIGH |
| An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. | |||||
| CVE-2023-28185 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-03 | N/A | 5.5 MEDIUM |
| An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to cause a denial-of-service. | |||||
| CVE-2023-49262 | 1 Hongdian | 2 H8951-4g-esp, H8951-4g-esp Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. | |||||