ReportizFlow
Filtered by vendor
Subscriptions
Total
3187 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32718 | 2025-06-13 | 7.8 High | ||
| Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-5914 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-06-12 | 3.9 Low |
| A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. | ||||
| CVE-2025-5916 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-06-12 | 3.9 Low |
| A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. | ||||
| CVE-2025-30327 | 2025-06-12 | 7.8 High | ||
| InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-6021 | 1 Redhat | 3 Enterprise Linux, Jboss Core Services, Openshift | 2025-06-12 | 7.5 High |
| A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. | ||||
| CVE-2025-49710 | 2025-06-12 | 9.8 Critical | ||
| An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4. | ||||
| CVE-2024-22860 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-09 | 9.8 Critical |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. | ||||
| CVE-2025-47712 | 1 Redhat | 2 Advanced Virtualization, Enterprise Linux | 2025-06-09 | 4.3 Medium |
| A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service. | ||||
| CVE-2025-5473 | 2025-06-09 | 7.8 High | ||
| GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26752. | ||||
| CVE-2018-15688 | 4 Canonical, Debian, Redhat and 1 more | 10 Ubuntu Linux, Debian Linux, Enterprise Linux and 7 more | 2025-06-09 | 8.8 High |
| A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. | ||||
| CVE-2017-15874 | 1 Busybox | 1 Busybox | 2025-06-09 | 5 Medium |
| archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. | ||||
| CVE-2017-15873 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-06-09 | 5.5 Medium |
| The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | ||||
| CVE-2013-7354 | 1 Libpng | 1 Libpng | 2025-06-09 | 6.5 Medium |
| Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | ||||
| CVE-2013-7353 | 1 Libpng | 1 Libpng | 2025-06-09 | 6.5 Medium |
| Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | ||||
| CVE-2011-3045 | 6 Debian, Fedoraproject, Google and 3 more | 13 Debian Linux, Fedora, Chrome and 10 more | 2025-06-09 | 8.8 High |
| Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||||
| CVE-2021-38185 | 2 Gnu, Redhat | 2 Cpio, Enterprise Linux | 2025-06-09 | 7.8 High |
| GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | ||||
| CVE-2024-30067 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-05 | 5.5 Medium |
| Winlogon Elevation of Privilege Vulnerability | ||||
| CVE-2024-30064 | 1 Microsoft | 2 Windows Server 2022, Windows Server 2022 23h2 | 2025-06-05 | 8.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-30072 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 | 2025-06-05 | 7.8 High |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | ||||
| CVE-2025-48174 | 1 Aomedia | 1 Libavif | 2025-06-04 | 4.5 Medium |
| In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. | ||||