Total
3123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52559 | 1 Linux | 1 Linux Kernel | 2025-03-24 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() The "submit->cmd[i].size" and "submit->cmd[i].offset" variables are u32 values that come from the user via the submit_lookup_cmds() function. This addition could lead to an integer wrapping bug so use size_add() to prevent that. Patchwork: https://patchwork.freedesktop.org/patch/624696/ | ||||
| CVE-2024-52557 | 1 Linux | 1 Linux Kernel | 2025-03-24 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get() This patch fixes a potential integer overflow in the zynqmp_dp_rate_get() The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit Now the constant is a compatible 64-bit type. Resolves coverity issues: CID 1636340 and CID 1635811 | ||||
| CVE-2025-24985 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-23 | 7.8 High |
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | ||||
| CVE-2021-4206 | 3 Debian, Qemu, Redhat | 4 Debian Linux, Qemu, Advanced Virtualization and 1 more | 2025-03-21 | 8.2 High |
| A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | ||||
| CVE-2023-51714 | 3 Debian, Qt, Redhat | 3 Debian Linux, Qt, Enterprise Linux | 2025-03-20 | 9.8 Critical |
| An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. | ||||
| CVE-2011-0211 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-03-20 | N/A |
| Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | ||||
| CVE-2011-0209 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-03-20 | N/A |
| Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file. | ||||
| CVE-2025-20653 | 2025-03-20 | 6.5 Medium | ||
| In da, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291064; Issue ID: MSV-2046. | ||||
| CVE-2023-23462 | 1 Libpeconv Project | 1 Libpeconv | 2025-03-19 | 9.8 Critical |
| Libpeconv – integer overflow, before commit 75b1565 (30/11/2022). | ||||
| CVE-2024-40784 | 1 Apple | 7 Ipad Os, Ipados, Iphone Os and 4 more | 2025-03-19 | 7.8 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2025-2295 | 2025-03-18 | 3.5 Low | ||
| EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. | ||||
| CVE-2024-40635 | 2025-03-18 | 4.6 Medium | ||
| containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user. This bug has been fixed in containerd 1.6.38, 1.7.27, and 2.04. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images. | ||||
| CVE-2023-34406 | 2025-03-17 | 3.3 Low | ||
| An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | ||||
| CVE-2023-20662 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | 6.7 Medium |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765. | ||||
| CVE-2023-20661 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | 6.7 Medium |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782. | ||||
| CVE-2023-20660 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383. | ||||
| CVE-2022-49451 | 1 Linux | 1 Linux Kernel | 2025-03-17 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is currently validated in an improper way since the check employs a sum between unsigned integers that could overflow and cause the check itself to be silently bypassed if the returned value 'loop_num_ret' is big enough. Fix the validation avoiding the addition. | ||||
| CVE-2024-26668 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-03-17 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its better to reject this rather than having incorrect ratelimit. | ||||
| CVE-2025-0690 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-03-15 | 6.1 Medium |
| The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence. | ||||
| CVE-2024-45490 | 2 Libexpat Project, Redhat | 4 Libexpat, Enterprise Linux, Openshift and 1 more | 2025-03-14 | 9.8 Critical |
| An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. | ||||