Total
92 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-40225 | 1 Siemens | 2 Siplus Tim 1531 Irc, Siplus Tim 1531 Irc Firmware | 2024-06-24 | 7.5 High |
A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices. | ||||
CVE-2022-34169 | 6 Apache, Azul, Debian and 3 more | 16 Xalan-java, Zulu, Debian Linux and 13 more | 2024-06-21 | 7.5 High |
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. | ||||
CVE-2024-26162 | 2024-06-11 | 8.8 High | ||
Microsoft ODBC Driver Remote Code Execution Vulnerability | ||||
CVE-2024-32481 | 2024-06-04 | 5.3 Medium | ||
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a `range` of the form `range(start, start + N)`, if `start` is negative, the execution will always revert. This issue is caused by an incorrect assertion inserted by the code generation of the range `stmt.parse_For_range()`. The issue arises when `start` is signed, instead of using `sle`, `le` is used and `start` is interpreted as an unsigned integer for the comparison. If it is a negative number, its 255th bit is set to `1` and is hence interpreted as a very large unsigned integer making the assertion always fail. Any contract having a `range(start, start + N)` where `start` is a signed integer with the possibility for `start` to be negative is affected. If a call goes through the loop while supplying a negative `start` the execution will revert. Version 0.4.0b1 fixes the issue. | ||||
CVE-2023-23401 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-05-29 | 7.8 High |
Windows Media Remote Code Execution Vulnerability | ||||
CVE-2023-23388 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-05-29 | 8.8 High |
Windows Bluetooth Driver Elevation of Privilege Vulnerability | ||||
CVE-2023-21736 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-05-29 | 7.8 High |
Microsoft Office Visio Remote Code Execution Vulnerability | ||||
CVE-2023-29346 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | 7.8 High |
NTFS Elevation of Privilege Vulnerability | ||||
CVE-2023-24884 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | 8.8 High |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | ||||
CVE-2023-46848 | 2 Redhat, Squid-cache | 5 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 2 more | 2024-04-25 | 7.5 High |
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | ||||
CVE-2018-10887 | 2 Debian, Libgit2 | 2 Debian Linux, Libgit2 | 2024-02-15 | 8.1 High |
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service. | ||||
CVE-2023-28063 | 1 Dell | 582 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 579 more | 2024-02-15 | 4.4 Medium |
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. | ||||
CVE-2008-3282 | 2 Apache, Fedoraproject | 2 Openoffice, Fedora | 2024-02-08 | 7.8 High |
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152. | ||||
CVE-2009-0231 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2024-02-08 | 8.8 High |
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation and a heap-based buffer overflow, aka "Embedded OpenType Font Heap Overflow Vulnerability." | ||||
CVE-2022-42324 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-02-04 | 5.5 Medium |
Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring. | ||||
CVE-2007-4988 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-02 | 7.8 High |
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. | ||||
CVE-2022-2639 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-02 | 7.8 High |
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
CVE-2007-4268 | 1 Apple | 1 Mac Os X | 2024-02-02 | 7.8 High |
Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value, which triggers a heap-based buffer overflow. | ||||
CVE-2023-20006 | 1 Cisco | 6 Adaptive Security Appliance Software, Firepower 2110, Firepower 2120 and 3 more | 2024-01-25 | 7.5 High |
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload. | ||||
CVE-2023-5184 | 1 Zephyrproject | 1 Zephyr | 2023-12-21 | 8.8 High |
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. |