Filtered by CWE-191
Filtered by vendor Subscriptions
Total 300 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-4031 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
Integer underflow in the asfrtp_parse_packet function in libavformat/rtpdec_asf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet.
CVE-2011-2497 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow.
CVE-2011-1770 3 Fedoraproject, Linux, Redhat 4 Fedora, Linux Kernel, Enterprise Linux and 1 more 2024-11-21 7.5 High
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read.
CVE-2010-4529 1 Linux 1 Linux Kernel 2024-11-21 N/A
Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES getsockopt call.
CVE-2010-4164 4 Debian, Linux, Opensuse and 1 more 7 Debian Linux, Linux Kernel, Opensuse and 4 more 2024-11-21 N/A
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873.
CVE-2010-2497 3 Apple, Debian, Freetype 3 Mac Os X, Debian Linux, Freetype 2024-11-21 N/A
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2009-3301 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-11-21 N/A
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.
CVE-2007-0063 3 Canonical, Redhat, Vmware 7 Ubuntu Linux, Enterprise Linux, Ace and 4 more 2024-11-21 N/A
Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.
CVE-2005-1891 2 Aol, Microsoft 2 Aim, Windows 2024-11-21 7.5 High
The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable.
CVE-2005-0199 1 Barton 1 Ngircd 2024-11-21 9.8 Critical
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
CVE-2004-1002 2 Canonical, Samba 2 Ubuntu Linux, Ppp 2024-11-21 7.5 High
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.
CVE-2004-0816 1 Linux 1 Linux Kernel 2024-11-21 7.5 High
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
CVE-2004-0184 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2024-11-21 N/A
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2024-49514 3 Adobe, Apple, Microsoft 5 Photoshop, Photoshop 2023, Photoshop 2024 and 2 more 2024-11-18 7.8 High
Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20474 1 Cisco 2 Anyconnect Secure Mobility Client, Secure Client 2024-11-01 4.3 Medium
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software. Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.
CVE-2024-47425 2 Adobe, Microsoft 2 Framemaker, Windows 2024-10-18 7.8 High
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-38063 1 Microsoft 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more 2024-10-16 9.8 Critical
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-6258 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2024-09-19 6.8 Medium
BT: Missing length checks of net_buf in rfcomm_handle_data
CVE-2024-41857 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-09-16 7.8 High
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-52630 2024-04-30 5.5 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.