Filtered by vendor
Subscriptions
Total
300 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-4031 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | N/A |
Integer underflow in the asfrtp_parse_packet function in libavformat/rtpdec_asf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet. | ||||
CVE-2011-2497 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-11-21 | N/A |
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow. | ||||
CVE-2011-1770 | 3 Fedoraproject, Linux, Redhat | 4 Fedora, Linux Kernel, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read. | ||||
CVE-2010-4529 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES getsockopt call. | ||||
CVE-2010-4164 | 4 Debian, Linux, Opensuse and 1 more | 7 Debian Linux, Linux Kernel, Opensuse and 4 more | 2024-11-21 | N/A |
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873. | ||||
CVE-2010-2497 | 3 Apple, Debian, Freetype | 3 Mac Os X, Debian Linux, Freetype | 2024-11-21 | N/A |
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | ||||
CVE-2009-3301 | 4 Apache, Canonical, Debian and 1 more | 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | N/A |
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document. | ||||
CVE-2007-0063 | 3 Canonical, Redhat, Vmware | 7 Ubuntu Linux, Enterprise Linux, Ace and 4 more | 2024-11-21 | N/A |
Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow. | ||||
CVE-2005-1891 | 2 Aol, Microsoft | 2 Aim, Windows | 2024-11-21 | 7.5 High |
The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable. | ||||
CVE-2005-0199 | 1 Barton | 1 Ngircd | 2024-11-21 | 9.8 Critical |
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow. | ||||
CVE-2004-1002 | 2 Canonical, Samba | 2 Ubuntu Linux, Ppp | 2024-11-21 | 7.5 High |
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location. | ||||
CVE-2004-0816 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 High |
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet. | ||||
CVE-2004-0184 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-11-21 | N/A |
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. | ||||
CVE-2024-49514 | 3 Adobe, Apple, Microsoft | 5 Photoshop, Photoshop 2023, Photoshop 2024 and 2 more | 2024-11-18 | 7.8 High |
Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-20474 | 1 Cisco | 2 Anyconnect Secure Mobility Client, Secure Client | 2024-11-01 | 4.3 Medium |
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software. Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client. | ||||
CVE-2024-47425 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-10-18 | 7.8 High |
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-38063 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-10-16 | 9.8 Critical |
Windows TCP/IP Remote Code Execution Vulnerability | ||||
CVE-2024-6258 | 2 Zephyrproject, Zephyrproject-rtos | 2 Zephyr, Zephyr | 2024-09-19 | 6.8 Medium |
BT: Missing length checks of net_buf in rfcomm_handle_data | ||||
CVE-2024-41857 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-16 | 7.8 High |
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-52630 | 2024-04-30 | 5.5 Medium | ||
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |