Vulnerabilities (CVE)

Filtered by CWE-190
Total 2676 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-28613 1 Samsung 6 Exynos 1280, Exynos 1280 Firmware, Exynos 2200 and 3 more 2025-02-13 N/A 6.8 MEDIUM
An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments.
CVE-2022-25147 1 Apache 1 Portable Runtime Utility 2025-02-13 N/A 6.5 MEDIUM
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
CVE-2023-20663 4 Google, Linux, Mediatek and 1 more 29 Android, Linux Kernel, Mt5221 and 26 more 2025-02-13 N/A 6.7 MEDIUM
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741.
CVE-2024-21836 1 Ggerganov 1 Llama.cpp 2025-02-12 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-23496 1 Ggerganov 1 Llama.cpp 2025-02-12 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the GGUF library gguf_fread_str functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-23605 1 Ggerganov 1 Llama.cpp 2025-02-12 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-21825 1 Ggerganov 1 Llama.cpp 2025-02-12 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2023-24537 1 Golang 1 Go 2025-02-12 N/A 7.5 HIGH
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.
CVE-2023-20682 4 Google, Linux, Mediatek and 1 more 44 Android, Linux Kernel, Mt5221 and 41 more 2025-02-12 N/A 6.7 MEDIUM
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605.
CVE-2024-53880 2025-02-12 N/A 4.9 MEDIUM
NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial of service.
CVE-2023-20507 2025-02-11 N/A 2.3 LOW
An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity.
CVE-2025-0302 1 Openatom 1 Openharmony 2025-02-11 N/A 5.5 MEDIUM
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow.
CVE-2023-26065 1 Lexmark 217 6500e, B2236, B2338 and 214 more 2025-02-11 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 have an Integer Overflow.
CVE-2023-6780 2 Fedoraproject, Gnu 2 Fedora, Glibc 2025-02-07 N/A 5.3 MEDIUM
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
CVE-2022-48468 1 Protobuf-c Project 1 Protobuf-c 2025-02-07 N/A 5.5 MEDIUM
protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.
CVE-2023-27913 1 Autodesk 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more 2025-02-06 N/A 7.8 HIGH
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process.
CVE-2021-0880 1 Google 1 Android 2025-02-06 N/A 7.8 HIGH
In PVRSRVBridgeRGXKickTA3D of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396792
CVE-2021-0879 1 Google 1 Android 2025-02-06 N/A 7.8 HIGH
In PVRSRVBridgeRGXTDMSubmitTransfer of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270397970
CVE-2021-0878 1 Google 1 Android 2025-02-06 N/A 7.8 HIGH
In PVRSRVBridgeServerSyncGetStatus of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270399153
CVE-2024-13614 2025-02-06 N/A 5.3 MEDIUM
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel memory buffer. The fix was installed automatically for all Kaspersky Endpoint products.