Total
2760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-33797 | 1 Artifex | 1 Mujs | 2025-02-06 | N/A | 9.8 CRITICAL |
| Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d. | |||||
| CVE-2021-0876 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgePhysmemNewRamBackedLockedPMR of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270400229 | |||||
| CVE-2021-0875 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeChangeSparseMem of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270400061 | |||||
| CVE-2021-0874 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeDevicememHistorySparseChange of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270399633 | |||||
| CVE-2021-0873 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeRGXKickRS of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270392711 | |||||
| CVE-2021-0872 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeRGXKickVRDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270401229 | |||||
| CVE-2021-0885 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeSyncPrimOpTake of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270401914 | |||||
| CVE-2021-0884 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgePhysmemImportSparseDmaBuf of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270393454 | |||||
| CVE-2021-0883 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeCacheOpQueue of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270395013 | |||||
| CVE-2021-0882 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeRGXKickSync of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270395803 | |||||
| CVE-2021-0881 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
| In PVRSRVBridgeRGXKickCDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396350 | |||||
| CVE-2023-30463 | 1 Altran | 1 Picotcp | 2025-02-05 | N/A | 7.5 HIGH |
| Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur. | |||||
| CVE-2023-1900 | 1 Avira | 1 Antivirus | 2025-02-05 | N/A | 7.8 HIGH |
| A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation. Issue was fixed with Endpointprotection.exe version 1.0.2303.633 | |||||
| CVE-2018-6065 | 4 Debian, Google, Mi and 1 more | 6 Debian Linux, Chrome, Mi6 Browser and 3 more | 2025-02-05 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2024-32039 | 2 Fedoraproject, Freerdp | 2 Fedora, Freerdp | 2025-02-04 | N/A | 9.8 CRITICAL |
| FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default). | |||||
| CVE-2024-35827 | 1 Linux | 1 Linux Kernel | 2025-02-03 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() The "controllen" variable is type size_t (unsigned long). Casting it to int could lead to an integer underflow. The check_add_overflow() function considers the type of the destination which is type int. If we add two positive values and the result cannot fit in an integer then that's counted as an overflow. However, if we cast "controllen" to an int and it turns negative, then negative values *can* fit into an int type so there is no overflow. Good: 100 + (unsigned long)-4 = 96 <-- overflow Bad: 100 + (int)-4 = 96 <-- no overflow I deleted the cast of the sizeof() as well. That's not a bug but the cast is unnecessary. | |||||
| CVE-2024-26817 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-02-03 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow. | |||||
| CVE-2023-6345 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2025-02-03 | N/A | 9.6 CRITICAL |
| Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | |||||
| CVE-2021-30860 | 3 Apple, Freedesktop, Xpdfreader | 7 Ipados, Iphone Os, Mac Os X and 4 more | 2025-02-03 | 6.8 MEDIUM | 7.8 HIGH |
| An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |||||
| CVE-2021-47098 | 1 Linux | 1 Linux Kernel | 2025-02-03 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of temperature calculations") addressed a number of underflow situations when writing temperature limits. However, it missed one situation, seen when an attempt is made to set the hysteresis value to MAX_LONG and the critical temperature limit is negative. Use clamp_val() when setting the hysteresis temperature to ensure that the provided value can never overflow or underflow. | |||||