Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-15560

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-20 Aug, 2018 | 00:00
Updated At-05 Aug, 2024 | 09:54
Rejected At-
Credits

PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:20 Aug, 2018 | 00:00
Updated At:05 Aug, 2024 | 09:54
Rejected At:
â–¼CVE Numbering Authority (CNA)

PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://whitehatck01.blogspot.com/2018/08/integer-overflow-vulnerability-in.html
x_refsource_MISC
https://github.com/Legrandin/pycryptodome/issues/198
x_refsource_MISC
Hyperlink: https://whitehatck01.blogspot.com/2018/08/integer-overflow-vulnerability-in.html
Resource:
x_refsource_MISC
Hyperlink: https://github.com/Legrandin/pycryptodome/issues/198
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://whitehatck01.blogspot.com/2018/08/integer-overflow-vulnerability-in.html
x_refsource_MISC
x_transferred
https://github.com/Legrandin/pycryptodome/issues/198
x_refsource_MISC
x_transferred
Hyperlink: https://whitehatck01.blogspot.com/2018/08/integer-overflow-vulnerability-in.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/Legrandin/pycryptodome/issues/198
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:20 Aug, 2018 | 00:29
Updated At:11 Jan, 2024 | 15:28

PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
pycryptodome
pycryptodome
>>pycryptodome>>Versions before 3.6.6(exclusive)
cpe:2.3:a:pycryptodome:pycryptodome:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE ID: CWE-190
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Legrandin/pycryptodome/issues/198cve@mitre.org
Exploit
Third Party Advisory
https://whitehatck01.blogspot.com/2018/08/integer-overflow-vulnerability-in.htmlcve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://github.com/Legrandin/pycryptodome/issues/198
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://whitehatck01.blogspot.com/2018/08/integer-overflow-vulnerability-in.html
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

241Records found
CVE-2021-46389
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.79%
||
7 Day CHG~0.00%
Published-07 Feb, 2022 | 13:33
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IIPImage High Resolution Streaming Image Server prior to commit 882925b295a80ec992063deffc2a3b0d803c3195 is affected by an integer overflow in iipsrv.fcgi through malformed HTTP query parameters.

Action-Not Available
Vendor-high_resolution_streaming_image_server_projectn/a
Product-high_resolution_streaming_image_servern/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-51495
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 57.31%
||
7 Day CHG~0.00%
Published-29 Sep, 2025 | 00:00
Updated-16 Oct, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.

Action-Not Available
Vendor-cesantan/a
Product-mongoosen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-6823
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.91%
||
7 Day CHG-0.44%
Published-18 Jan, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-46597
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.92%
||
7 Day CHG~0.00%
Published-20 Mar, 2026 | 00:00
Updated-02 Apr, 2026 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Bitcoin Core 0.13.0 through 29.x has an integer overflow.

Action-Not Available
Vendor-n/aBitcoin Wiki
Product-bitcoin_coren/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-25989
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.02% / 5.86%
||
7 Day CHG~0.00%
Published-24 Feb, 2026 | 01:50
Updated-28 Feb, 2026 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick has integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) that allows bypass the guard and reach an undefined `(size_t)` cast. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Action-Not Available
Vendor-ImageMagick Studio LLC
Product-imagemagickImageMagick
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CWE ID-CWE-193
Off-by-one Error
CVE-2013-7354
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.57% / 69.07%
||
7 Day CHG~0.00%
Published-06 May, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-libpngn/a
Product-libpngn/a
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-41990
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.61% / 82.23%
||
7 Day CHG+0.19%
Published-18 Oct, 2021 | 13:44
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.

Action-Not Available
Vendor-strongswann/aDebian GNU/LinuxSiemens AGFedora Project
Product-6gk5876-4aa00-2da2_firmware6gk5812-1ba00-2aa26gk5856-2ea00-3aa16gk6108-4am00-2da26gk5876-4aa00-2da26gk5876-3aa02-2ba2_firmware6gk5816-1aa00-2aa2_firmware6gk5876-3aa02-2ea2_firmware6gk5876-4aa00-2ba26gk5826-2ab00-2ab26gk5856-2ea00-3aa1_firmware6gk5876-4aa00-2ba2_firmware6gk5812-1aa00-2aa2fedora6gk6108-4am00-2da2_firmware6gk5856-2ea00-3da1_firmware6gk5874-2aa00-2aa2_firmware6gk5804-0ap00-2aa2_firmware6gk5874-3aa00-2aa26gk5812-1aa00-2aa2_firmware6gk5816-1ba00-2aa26gk5826-2ab00-2ab2_firmware6gk5874-2aa00-2aa26gk6108-4am00-2ba26gk5615-0aa00-2aa26gk5856-2ea00-3da1strongswan6gk5816-1ba00-2aa2_firmware6gk5874-3aa00-2aa2_firmware6gk5804-0ap00-2aa26gk5876-3aa02-2ea2debian_linux6gk6108-4am00-2ba2_firmware6gk5876-3aa02-2ba26gk5812-1ba00-2aa2_firmware6gk5615-0aa00-2aa2_firmware6gk5816-1aa00-2aa2n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2008-4309
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-11.40% / 93.75%
||
7 Day CHG~0.00%
Published-31 Oct, 2008 | 20:00
Updated-28 May, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.

Action-Not Available
Vendor-n/aNet-SNMP
Product-net-snmpn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-20
Improper Input Validation
CVE-2021-38787
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.79% / 74.37%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 12:46
Updated-04 Aug, 2024 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an integer overflow in the ION driver "/dev/ion" of Allwinner R818 SoC Android Q SDK V1.0 that could use the ioctl cmd "COMPAT_ION_IOC_SUNXI_FLUSH_RANGE" to cause a system crash (denial of service).

Action-Not Available
Vendor-allwinnertechn/a
Product-r818android_q_sdkn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-9348
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-2.71% / 86.29%
||
7 Day CHG~0.00%
Published-19 Nov, 2024 | 19:08
Updated-22 Nov, 2024 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SMF_ParseMetaEvent of eas_smf.c, there is a possible integer overflow. This could lead to remote denial of service due to resource exhaustion with no additional execution privileges needed. User interaction is needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2008-3144
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.20% / 87.33%
||
7 Day CHG+0.21%
Published-01 Aug, 2008 | 14:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error.

Action-Not Available
Vendor-n/aPython Software Foundation
Product-pythonn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-32058
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 65.06%
||
7 Day CHG~0.00%
Published-11 May, 2023 | 20:55
Updated-24 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vyper vulnerable to integer overflow in loop

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8.

Action-Not Available
Vendor-vyperlangvyperlang
Product-vypervyper
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-3107
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-7.5||HIGH
EPSS-0.17% / 37.73%
||
7 Day CHG~0.00%
Published-01 Aug, 2023 | 22:01
Updated-09 Jul, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote denial of service in IPv6 fragment reassembly

A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.

Action-Not Available
Vendor-NetApp, Inc.FreeBSD Foundation
Product-freebsdclustered_data_ontapFreeBSD
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-30463
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 55.34%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur.

Action-Not Available
Vendor-altrann/a
Product-picotcpn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-29087
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.2||LOW
EPSS-0.07% / 22.29%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 00:00
Updated-30 Apr, 2025 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

Action-Not Available
Vendor-sqliteSQLite
Product-sqliteSQLite
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-20406
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.39% / 85.41%
||
7 Day CHG+0.83%
Published-23 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data. This issue is fixed in: v3.4.10, v3.4.10rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.7rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.7, v3.6.7rc1, v3.6.7rc2, v3.6.8, v3.6.8rc1, v3.6.9, v3.6.9rc1; v3.7.1, v3.7.1rc1, v3.7.1rc2, v3.7.2, v3.7.2rc1, v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectPython Software Foundation
Product-debian_linuxfedorapythonn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-2914
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-7.5||HIGH
EPSS-25.77% / 96.39%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 15:01
Updated-08 Oct, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerabilitiy

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanager_thinserverThinManager ThinServerthinmanager_thinserver
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-28831
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.71% / 72.88%
||
7 Day CHG+0.07%
Published-12 Sep, 2023 | 09:32
Updated-11 Nov, 2025 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500_cpu_1514sp-2_pnsimatic_s7-plcsim_advanced_firmwaresimatic_s7-1500_cpu_1514sp-2_pn_firmwaresimatic_s7-1500_et_200pro_firmwaresimatic_s7-1500_cpu_1512sp_f-1_pnsimatic_s7-1500_cpu_1511c-1_pn_firmwaresiplus_s7-1500_cpu_1518hf-4_pnsimatic_s7-1500_cpu_1515t-2_pnsiplus_et_200sp_cpu_1512sp-1_pnsiplus_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1512sp-1_pnsiplus_s7-1500_cpu_1515f-2_pnsiplus_s7-1500_cpu_1516-3_pn\/dp_tx_railsimatic_s7-1500_cpu_1515-2_pnsimatic_s7-1500_cpu_1515r-2_pn_firmwaresimatic_s7-1500_cpu_1515f-2_pn_firmwaresimatic_s7-1500_cpu_1511t-1_pnsiplus_s7-1500_cpu_1517h-3_pnsimatic_s7-1500_cpu_1518-4_pn\/dpsimatic_s7-1500_cpu_1517t-3_pn\/dpsiplus_et_200sp_cpu_1510sp_f-1_pnsiplus_et_200sp_cpu_1512sp_f-1_pn_rail_firmwaresimatic_s7-1500_cpu_1510sp-1_pn_firmwaresimatic_s7-1500_cpu_1518hf-4_pnsimatic_s7-1500_cpu_1510sp_f-1_pnsimatic_s7-1500_cpu_1515f-2_pnsimatic_s7-1500_cpu_1516-3_pn\/dpsimatic_s7-1500_cpu_1513f-1_pn_firmwaresiplus_s7-1500_cpu_1516-3_pn\/dp_railsimatic_s7-1500_cpu_s7-1518f-4_pn\/dp_odk_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dp_mfpsiplus_et_200sp_cpu_1512sp_f-1_pn_railsimatic_s7-1500_cpu_1516t-3_pn\/dpsimatic_s7-1500_cpu_1514spt_f-2_pnsimatic_s7-1500_cpu_1513f-1_pnsimatic_s7-1500_cpu_1516tf-3_pn\/dpsiplus_s7-1500_cpu_1516f-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1515f-2_pn_t2_railsiplus_s7-1500_cpu_1516-3_pn\/dp_tx_rail_firmwaresimatic_s7-1500_cpu_1514spt-2_pn_firmwaresimatic_s7-1500_cpu_1513r-1_pn_firmwaresimatic_s7-1500_cpu_1518hf-4_pn_firmwaresimatic_s7-1500_cpu_1515tf-2_pn_firmwaresiplus_et_200sp_cpu_1510sp-1_pn_firmwaresiplus_et_200sp_cpu_1512sp-1_pn_railsiplus_s7-1500_cpu_1518-4_pn\/dp_firmwaresiplus_s7-1500_cpu_1513f-1_pnsimatic_s7-1500_cpu_1517tf-3_pn\/dpsiplus_s7-1500_cpu_1515r-2_pn_firmwaresiplus_s7-1500_cpu_1518-4_pn\/dp_mfpsimatic_s7-1500_cpu_1510sp_f-1_pn_firmwaresiplus_s7-1500_cpu_1513-1_pn_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dp_firmwaresimatic_drive_controller_cpu_1507d_tf_firmwaresiplus_s7-1500_cpu_1511-1_pn_firmwaresiplus_s7-1500_cpu_1516-3_pn\/dp_rail_firmwaresimatic_s7-1500_cpu_1516tf-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1511-1_pn_t1_rail_firmwaresimatic_s7-1500_cpu_1515tf-2_pnsimatic_s7-1500_software_controller_firmwaresimatic_s7-1500_cpu_1515r-2_pnsimatic_s7-1500_cpu_1518t-4_pn\/dpsimatic_cloud_connect_7_cc712_firmwaresiplus_s7-1500_cpu_1516-3_pn\/dpsimatic_drive_controller_cpu_1504d_tf_firmwaresimatic_s7-1500_cpu_1513-1_pnsimatic_s7-1200_cpu_firmwaresimatic_s7-1500_cpu_1514spt_f-2_pn_firmwaresimatic_s7-1500_cpu_1513r-1_pnsimatic_s7-1500_cpu_1518tf-4_pn\/dpsimatic_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1518t-4_pn\/dp_firmwaresimatic_s7-plcsim_advancedsimatic_s7-1500_cpu_1518f-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1516t-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1511-1_pn_tx_rail_firmwaresiplus_s7-1500_cpu_1511-1_pn_tx_railsimatic_s7-1500_cpu_1517h-3_pnsimatic_s7-1500_cpu_1512sp-1_pn_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pn_railsiplus_s7-1500_cpu_1513f-1_pn_firmwaresimatic_s7-1200_cpusimatic_cloud_connect_7_cc716_firmwaresimatic_s7-1500_et_200prosimatic_s7-1500_cpu_1514spt-2_pnsimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dp_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pn_rail_firmwaresiplus_s7-1500_cpu_1515f-2_pn_rail_firmwaresimatic_s7-1500_cpu_1511tf-1_pnsimatic_s7-1500_cpu_1515-2_pn_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfpsiplus_s7-1500_cpu_1515f-2_pn_t2_rail_firmwaresiplus_et_200sp_cpu_1510sp-1_pn_railsimatic_s7-1500_cpu_1511f-1_pnsiplus_et_200sp_cpu_1512sp_f-1_pnsiplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1510sp-1_pnsiplus_s7-1500_cpu_1511-1_pn_t1_railsiplus_et_200sp_cpu_1510sp-1_pnsimatic_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1518-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dp_firmwaresiplus_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-1500_cpu_1511c-1_pnsiplus_s7-1500_cpu_1515r-2_pn_tx_railsiplus_et_200sp_cpu_1512sp-1_pn_firmwaresimatic_drive_controller_cpu_1504d_tfsiplus_et_200sp_cpu_1512sp-1_pn_rail_firmwaresiplus_et_200sp_cpu_1512sp_f-1_pn_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pn_firmwaresimatic_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_1515t-2_pn_firmwaresiplus_s7-1500_cpu_1516f-3_pn\/dp_railsimatic_s7-1500_cpu_s7-1518-4_pn\/dp_odk_firmwaresimatic_s7-1500_cpu_s7-1518f-4_pn\/dp_odksiplus_s7-1500_cpu_1518-4_pn\/dpsimatic_s7-1500_cpu_1517h-3_pn_firmwaresimatic_s7-1500_cpu_s7-1518-4_pn\/dp_odksiplus_et_200sp_cpu_1510sp-1_pn_rail_firmwaresimatic_s7-1500_cpu_1517t-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1518f-4_pn\/dpsiplus_s7-1500_cpu_1516f-3_pn\/dp_rail_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dpsiplus_s7-1500_cpu_1515r-2_pn_tx_rail_firmwaresiplus_s7-1500_cpu_1517h-3_pn_firmwaresimatic_s7-1500_cpu_1512c-1_pn_firmwaresimatic_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1511f-1_pnsiplus_s7-1500_cpu_1515f-2_pn_railsimatic_drive_controller_cpu_1507d_tfsimatic_s7-1500_cpu_1511tf-1_pn_firmwaresiplus_s7-1500_cpu_1518hf-4_pn_firmwaresimatic_s7-1500_cpu_1514sp_f-2_pn_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dpsimatic_s7-1500_cpu_1512c-1_pnsiplus_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1513-1_pn_firmwaresiplus_s7-1500_cpu_1513-1_pnsiplus_s7-1500_cpu_1518f-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-1500_cpu_1517tf-3_pn\/dp_firmwaresimatic_cloud_connect_7_cc712simatic_s7-1500_cpu_1512sp_f-1_pn_firmwaresimatic_s7-1500_cpu_1514sp_f-2_pnsiplus_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dpsimatic_s7-1500_cpu_1518tf-4_pn\/dp_firmwaresiplus_s7-1500_cpu_1515r-2_pnsimatic_s7-1500_cpu_1511t-1_pn_firmwaresimatic_s7-1500_software_controllersimatic_et_200sp_open_controller_cpu_firmwaresiplus_s7-1500_cpu_1515f-2_pn_firmwaresimatic_cloud_connect_7_cc716simatic_et_200sp_open_controller_cpuSIMATIC Cloud Connect 7 CC716SIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC WinCC Runtime Professional V19SIMATIC PCS 7 V9.1SIPLUS ET 200SP CPU 1512SP-1 PNSIMATIC Drive Controller CPU 1507D TFSIMATIC S7-PLCSIM AdvancedSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1511T-1 PNSIMATIC S7-1500 CPU 1516T-3 PN/DPSIMATIC WinCC OA V3.18SIMATIC WinCC Unified OPC UA ServerSIPLUS S7-1500 CPU 1516F-3 PN/DP RAILSIPLUS ET 200SP CPU 1510SP-1 PNSIMATIC ET 200SP CPU 1510SP F-1 PNSIMATIC NET PC Software V18SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIMATIC WinCC OPC UA ClientSIMATIC S7-1500 CPU 1516-3 PN/DPSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC ET 200SP CPU 1514SPT F-2 PNSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1515TF-2 PNSIMATIC S7-1500 CPU 1512C-1 PNSIMATIC NET PC Software V16SIMATIC S7-1500 CPU 1515F-2 PNSIMATIC WinCC Runtime Professional V16SIPLUS S7-1500 CPU 1511-1 PNSIMATIC NET PC Software V17SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIPLUS ET 200SP CPU 1510SP-1 PN RAILSIMATIC BRAUMATSIMATIC S7-1500 CPU 1517T-3 PN/DPSIMATIC WinCC V8.0SIMATIC SISTARSIMATIC S7-1500 CPU 1517TF-3 PN/DPSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 Software Controller V3SIMATIC S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 CPU 1517F-3 PN/DPSIMATIC Comfort/Mobile RTSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIMATIC ET 200SP CPU 1514SPT-2 PNSIMATIC ET 200SP CPU 1514SP F-2 PNSIMATIC S7-1500 Software Controller V2SIPLUS ET 200SP CPU 1512SP F-1 PNSIPLUS S7-1500 CPU 1518F-4 PN/DPSIMATIC ET 200SP CPU 1512SP-1 PNSIMATIC S7-1500 CPU 1518F-4 PN/DPSIMATIC Drive Controller CPU 1504D TFSIMATIC WinCC Runtime Professional V17SIMATIC S7-1500 CPU 1513F-1 PNSIPLUS S7-1500 CPU 1515F-2 PNSIMATIC Cloud Connect 7 CC712SIMATIC WinCC OA V3.19SIMATIC S7-1500 CPU 1511-1 PNSIMATIC WinCC V7.5SIMATIC S7-1500 CPU 1515-2 PNSIMATIC IPC DiagMonitorSIMATIC WinCC V7.4SIPLUS ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DPSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSINUMERIK ONESIMATIC S7-1500 CPU 1511F-1 PNSIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIMATIC NET PC Software V14SIMATIC S7-1500 CPU 1511C-1 PNSIMATIC WinCC Runtime Professional V18SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIMATIC ET 200SP CPU 1514SP-2 PNSIPLUS S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 CPU 1517-3 PN/DPSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC WinCC OA V3.17SIPLUS S7-1500 CPU 1513F-1 PNSIMATIC PCS neo V4.0SIMATIC S7-1500 CPU 1513-1 PNSIPLUS S7-1500 CPU 1513-1 PNSIMATIC ET 200SP CPU 1510SP-1 PNSINUMERIK MCSIMATIC S7-1500 CPU 1518T-4 PN/DPSIPLUS S7-1500 CPU 1515F-2 PN RAILSIMATIC S7-1500 CPU 1511TF-1 PN
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-18206
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.46% / 64.45%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 09:00
Updated-16 Sep, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the client in Bytom before 1.0.6, checkTopicRegister in p2p/discover/net.go does not prevent negative idx values, leading to a crash.

Action-Not Available
Vendor-bytomn/a
Product-bytomn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-28097
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.70% / 72.57%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 22:03
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the Content-Length Parser

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large _Content-Length_ value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memory using the `-m` flag was allocated to OpenSIPS, such as 10 GB of RAM. On the test system, this issue occurred when shared memory was set to `2362` or higher. This issue is fixed in versions 3.1.9 and 3.2.6. The only workaround is to guarantee that the Content-Length value of input messages is never larger than `2147483647`.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-17958
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.89% / 76.01%
||
7 Day CHG~0.00%
Published-09 Oct, 2018 | 22:00
Updated-28 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxRed Hat, Inc.QEMU
Product-debian_linuxubuntu_linuxvirtualization_managerqemuvirtualizationenterprise_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-16890
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.4||MEDIUM
EPSS-1.20% / 79.41%
||
7 Day CHG~0.00%
Published-06 Feb, 2019 | 20:00
Updated-15 Apr, 2026 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

Action-Not Available
Vendor-Oracle CorporationDebian GNU/LinuxF5, Inc.Canonical Ltd.NetApp, Inc.Red Hat, Inc.Siemens AGCURL
Product-libcurlclustered_data_ontapubuntu_linuxdebian_linuxcommunications_operations_monitorhttp_serversecure_global_desktopenterprise_linuxsinema_remote_connect_clientbig-ip_access_policy_managercurl
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-17962
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 50.34%
||
7 Day CHG~0.00%
Published-09 Oct, 2018 | 22:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

Action-Not Available
Vendor-n/aSUSEDebian GNU/LinuxRed Hat, Inc.QEMUOracle CorporationCanonical Ltd.
Product-ubuntu_linuxlinux_enterprise_serverdebian_linuxqemulinuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-16881
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-2.62% / 86.03%
||
7 Day CHG~0.00%
Published-25 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.

Action-Not Available
Vendor-rsyslogThe rsyslog ProjectDebian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverrsyslogenterprise_linux_for_scientific_computingvirtualizationdebian_linuxvirtualization_managerenterprise_linux_workstationenterprise_linuxvirtualization_hostenterprise_linux_for_ibm_z_systemsenterprise_linux_for_power_little_endianenterprise_linux_desktopenterprise_linux_for_power_big_endianrsyslog:
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-25662
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.73%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 23:41
Updated-19 Feb, 2025 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TensorFlow vulnerable to integer overflow in EditDistance

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Action-Not Available
Vendor-TensorFlowGoogle LLC
Product-tensorflowtensorflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-25667
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 43.83%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 23:40
Updated-19 Feb, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TensorFlow vulnerable to segfault when opening multiframe gif

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Action-Not Available
Vendor-TensorFlowGoogle LLC
Product-tensorflowtensorflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-3475
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.15% / 78.99%
||
7 Day CHG+0.14%
Published-30 Mar, 2021 | 00:00
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

Action-Not Available
Vendor-openexrn/aDebian GNU/Linux
Product-openexrdebian_linuxOpenEXR
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-24609
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.75%
||
7 Day CHG~0.00%
Published-22 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 11:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate.

Action-Not Available
Vendor-matrixsslrambusn/a
Product-tls_toolkitmatrixssln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-14883
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-21.26% / 95.82%
||
7 Day CHG-0.23%
Published-03 Aug, 2018 | 13:00
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Debian GNU/LinuxThe PHP Group
Product-ubuntu_linuxphpdebian_linuxstorage_automation_storen/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-23323
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.5||HIGH
EPSS-0.29% / 53.33%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 12:39
Updated-12 Aug, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-triton_inference_serverwindowslinux_kernelTriton Inference Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-3474
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.01% / 77.60%
||
7 Day CHG~0.00%
Published-30 Mar, 2021 | 00:00
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability.

Action-Not Available
Vendor-openexrn/aDebian GNU/Linux
Product-openexrdebian_linuxOpenEXR
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12617
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-11.74% / 93.88%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxqemun/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-23324
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.5||HIGH
EPSS-0.29% / 53.33%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 12:40
Updated-12 Aug, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-triton_inference_serverwindowslinux_kernelTriton Inference Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-14444
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.85%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 13:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash.

Action-Not Available
Vendor-libdxfrw_projectn/a
Product-libdxfrwn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-14343
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 74.71%
||
7 Day CHG~0.00%
Published-19 Jul, 2018 | 02:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-22895
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.52% / 67.40%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.

Action-Not Available
Vendor-bzip2_projectn/a
Product-bzip2n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2004-0788
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-13.52% / 94.40%
||
7 Day CHG~0.00%
Published-17 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.

Action-Not Available
Vendor-n/aThe GNOME Project
Product-gdkpixbufgtkn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-2176
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 22.85%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 07:31
Updated-10 Oct, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libzvbi io-sim.c vbi_capture_sim_load_caption integer overflow

A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The identifier of the patch is ca1672134b3e2962cd392212c73f44f8f4cb489f. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

Action-Not Available
Vendor-zapping-vbin/a
Product-zvbilibzvbi
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-2174
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.18% / 39.37%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 06:31
Updated-03 Oct, 2025 | 00:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libzvbi conv.c vbi_strndup_iconv_ucs2 integer overflow

A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to integer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The patch is named ca1672134b3e2962cd392212c73f44f8f4cb489f. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

Action-Not Available
Vendor-zapping-vbin/a
Product-zvbilibzvbi
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12393
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-2.99% / 86.89%
||
7 Day CHG~0.00%
Published-28 Feb, 2019 | 18:00
Updated-05 Aug, 2024 | 08:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopFirefoxFirefox ESRThunderbird
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-41185
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.6||HIGH
EPSS-1.28% / 80.09%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:11
Updated-08 Aug, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability

Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353.

Action-Not Available
Vendor-unified-automationUnified Automationunified-automation
Product-uagatewayUaGatewayuagateway
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2005-1513
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.91% / 94.72%
||
7 Day CHG+5.43%
Published-11 May, 2005 | 00:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

Action-Not Available
Vendor-qmail_projectn/aCanonical Ltd.Debian GNU/Linux
Product-debian_linuxubuntu_linuxqmailn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-21557
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-5.12% / 90.09%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20690
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.55% / 81.89%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8168mt8765androidmt6739mt8385mt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8168, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20693
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.55% / 81.89%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6895mt8168mt8765androidmt6739mt8385mt8781mt8788mt6983mt8321yoctomt8666mt8365mt8167mt8195MT6739, MT6895, MT6983, MT8167, MT8168, MT8195, MT8321, MT8365, MT8385, MT8666, MT8765, MT8781, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-6960
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.52%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 08:55
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.

Action-Not Available
Vendor-apng2gif_projectn/aCanonical Ltd.Debian GNU/Linux
Product-debian_linuxubuntu_linuxapng2gifn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20691
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.55% / 81.89%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8765mt8385mt6739androidmt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11054
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-2.35% / 85.30%
||
7 Day CHG~0.00%
Published-31 Aug, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

Action-Not Available
Vendor-Dell Inc.RSA Security LLCOracle Corporation
Product-timesten_in-memory_databasecommunications_ip_service_activatorcore_rdbmscommunications_analyticsbsafegoldengate_application_adaptersreal_user_experience_insightapplication_testing_suitejd_edwards_enterpriseone_toolsretail_predictive_application_serverenterprise_manager_ops_centersecurity_serviceBSAFE Micro Edition Suite
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20689
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.55% / 81.89%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8765mt8385mt6739androidmt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-1084
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.31% / 54.87%
||
7 Day CHG~0.00%
Published-12 Apr, 2018 | 17:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

Action-Not Available
Vendor-corosyncunspecifiedCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxcorosynccorosync
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found