Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-45491

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-30 Aug, 2024 | 00:00
Updated At-18 Oct, 2024 | 13:07
Rejected At-
Credits

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:30 Aug, 2024 | 00:00
Updated At:18 Oct, 2024 | 13:07
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/libexpat/libexpat/pull/891
N/A
https://github.com/libexpat/libexpat/issues/888
N/A
Hyperlink: https://github.com/libexpat/libexpat/pull/891
Resource: N/A
Hyperlink: https://github.com/libexpat/libexpat/issues/888
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
libexpat
Product
expat
CPEs
  • cpe:2.3:a:libexpat:expat:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 2.6.3 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-190CWE-190 Integer Overflow or Wraparound
Type: CWE
CWE ID: CWE-190
Description: CWE-190 Integer Overflow or Wraparound
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://security.netapp.com/advisory/ntap-20241018-0003/
N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20241018-0003/
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:30 Aug, 2024 | 03:15
Updated At:04 Sep, 2024 | 14:28

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CPE Matches

libexpat_project
libexpat_project
>>libexpat>>Versions before 2.6.3(exclusive)
cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE-190Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-190
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-190
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/libexpat/libexpat/issues/888cve@mitre.org
Issue Tracking
https://github.com/libexpat/libexpat/pull/891cve@mitre.org
Patch
Hyperlink: https://github.com/libexpat/libexpat/issues/888
Source: cve@mitre.org
Resource:
Issue Tracking
Hyperlink: https://github.com/libexpat/libexpat/pull/891
Source: cve@mitre.org
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

282Records found

CVE-2016-10141
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 69.96%
||
7 Day CHG~0.00%
Published-13 Jan, 2017 | 09:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-9556
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-1.17% / 77.77%
||
7 Day CHG~0.00%
Published-06 Dec, 2018 | 14:00
Updated-05 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113118184.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-48333
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 23.18%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 00:00
Updated-04 Dec, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow.

Action-Not Available
Vendor-widevinen/a
Product-trusted_applicationn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-43974
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-8.72% / 92.14%
||
7 Day CHG~0.00%
Published-09 Jan, 2023 | 00:00
Updated-06 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0.

Action-Not Available
Vendor-matrixssln/a
Product-matrixssln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-26065
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.19%
||
7 Day CHG~0.00%
Published-10 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain Lexmark devices through 2023-02-19 have an Integer Overflow.

Action-Not Available
Vendor-n/aLexmark International, Inc.
Product-mx521mx611x746mx622b2650mxlsg_firmwaremxngm_firmwarecx421m1242mc3224mx431ms822ms818b2338b3340xm9155c2325xc2235x748x46xx86xms811mxtgw_firmwarecx517xc9455mb3442xs795cx735c2132t65xc3426ms911m1246ms711xs955xc9465ms821mb2546c746xm3142csnzj_firmwarems431xc4352xm5365xm7170c736cslbl_firmwarexm9165mx717xm5163mxtpm_firmwarecx522x950cx510mx725mx811lr_firmwarex954c950m5255w850cs331b2865cx931mx617mc232mxtgm_firmwarems321xm7370xm7263xm7270cx417xs798mxtct_firmwarex952c734xs796ms421cs417cstpc_firmwarecslbn_firmwareb2236cstzj_firmwaremc2640cx730b2546c2326cx942m1342m5270b2442cxlbn_firmwaremx522mx810cs622mslbd_firmwarem5163dnmc3326cs421ms331mx931ms810dexm1242ms710xs950cx431c2535xc2132xm7155ms812decs4106500exm3150mx421ms817cs439cxlbl_firmwaremx610mx812c2425xc9325xc4240c3326m5163decs796lw80_firmwarem5170x792mx910cs517xm5170mb2650cx317cx944cx930xc4342mxlbd_firmwarecx310x548msngm_firmwarecx622mx6500exm5270cs310c748cxtpc_firmwarexc2130xm7355mc3426b3442mx321xc9445xm9145m5155mx912xm5370xs748mx826mx721cs510mb2236cs431mx711ms621mstgw_firmwarems823x65xms725ms622cx410cs521xc9335cs317mx911mx710cs748ms810dncxtzj_firmwarecx943mb2770mx822mx718lp_firmwarex73xmslsg_firmwaremsngw_firmwarexm7163x925c3224xs925ms812dnmb2442m3250xm3250xs548ms521mc2535c792e46xxm1246cs943ms439xm5263xc2326mx722mb2338cxtmm_firmwaremx331ms826mx432c925c2240xm1342mc2425lhs60_firmwarecx625ms825n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-35966
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.46%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 15:14
Updated-17 Sep, 2024 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function.

Action-Not Available
Vendor-yifanwirelessYifanyifanwireless
Product-yf325yf325_firmwareYF325yf325_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32073
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.31%
||
7 Day CHG~0.00%
Published-13 Jul, 2022 | 15:29
Updated-03 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR.

Action-Not Available
Vendor-wolfsshn/a
Product-wolfsshn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-41903
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-18.29% / 94.96%
||
7 Day CHG~0.00%
Published-17 Jan, 2023 | 22:17
Updated-10 Mar, 2025 | 21:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer overflow in `git archive`, `git log --format` leading to RCE in git

Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.

Action-Not Available
Vendor-git-scmgit
Product-gitgit
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-48332
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 23.18%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 00:00
Updated-05 Dec, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow.

Action-Not Available
Vendor-widevinen/a
Product-trusted_applicationn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2015-8387
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-2.31% / 84.11%
||
7 Day CHG~0.00%
Published-02 Dec, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

Action-Not Available
Vendor-pcren/aFedora ProjectThe PHP Group
Product-fedoraperl_compatible_regular_expression_libraryphpn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-48336
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.93%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 00:00
Updated-04 Dec, 2024 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow.

Action-Not Available
Vendor-widevinen/a
Product-trusted_applicationn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-27425
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-1.98% / 82.83%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:21
Updated-16 Apr, 2025 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cesanta Software Mongoose-OS Integer Overflow or Wraparound

Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

Action-Not Available
Vendor-cesantaCesanta Software
Product-mongoose_osMongoose-OS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-3420
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.46%
||
7 Day CHG~0.00%
Published-05 Mar, 2021 | 19:19
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow.

Action-Not Available
Vendor-newlib_projectn/aFedora Project
Product-newlibfedoranewlib
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-33797
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-9.8||CRITICAL
EPSS-0.10% / 27.87%
||
7 Day CHG~0.00%
Published-17 Apr, 2023 | 00:00
Updated-06 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.

Action-Not Available
Vendor-n/aArtifex Software Inc.
Product-mujsmujs
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-31870
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.28% / 78.75%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 05:19
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.

Action-Not Available
Vendor-klibc_projectn/aDebian GNU/Linux
Product-debian_linuxklibcn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-31872
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.17% / 77.85%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 05:19
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.

Action-Not Available
Vendor-klibc_projectn/aDebian GNU/Linux
Product-debian_linuxklibcn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-30636
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 55.71%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 00:27
Updated-03 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc.

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-linkit_software_development_kitn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-48331
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 23.18%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 00:00
Updated-13 Feb, 2025 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow.

Action-Not Available
Vendor-widevinen/a
Product-trusted_applicationn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-28879
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 32.18%
||
7 Day CHG~0.00%
Published-11 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.

Action-Not Available
Vendor-rust-langn/aFedora Project
Product-rustfedoran/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-2177
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.12% / 31.44%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 07:31
Updated-11 Mar, 2025 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libzvbi search.c vbi_search_new integer overflow

A vulnerability classified as critical was found in libzvbi up to 0.2.43. This vulnerability affects the function vbi_search_new of the file src/search.c. The manipulation of the argument pat_len leads to integer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The patch is identified as ca1672134b3e2962cd392212c73f44f8f4cb489f. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

Action-Not Available
Vendor-n/a
Product-libzvbi
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-2176
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.12% / 31.44%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 07:31
Updated-11 Mar, 2025 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libzvbi io-sim.c vbi_capture_sim_load_caption integer overflow

A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The identifier of the patch is ca1672134b3e2962cd392212c73f44f8f4cb489f. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

Action-Not Available
Vendor-n/a
Product-libzvbi
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-29644
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-2.62% / 85.11%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 18:19
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS.

Action-Not Available
Vendor-n/aHitachi, Ltd.Microsoft Corporation
Product-job_management_partner_1\/it_desktop_management-managerjp1\/remote_control_agentjp1\/it_desktop_management-managerjp1\/it_desktop_management_2-managerjp1\/it_desktop_management_2-operations_directorjob_management_partner_1\/remote_control_agentwindowsjp1\/netdm\/dm_clientjob_management_partner_1\/software_distribution_clientjp1\/netdm\/dm_managerjp1\/netm\/remote_control_agentjob_management_partner_1\/software_distribution_managerjob_management_partner_1\/it_desktop_management_2-managerit_operations_directorjp1\/netdm\/dm_client-remote_control_featuren/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-27421
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-0.45% / 62.91%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:24
Updated-16 Apr, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NXP MCUXpresso SDK Integer Overflow or Wraparound

NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc.

Action-Not Available
Vendor-nxpNXP
Product-mcuxpresso_software_development_kitMCUXpresso SDK
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-27427
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-2.11% / 83.41%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:16
Updated-16 Apr, 2025 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RIOT OS Integer Overflow or Wraparound

RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

Action-Not Available
Vendor-riot-osRIOT OS
Product-riotRIOT OS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-27419
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-3.14% / 86.37%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:20
Updated-16 Apr, 2025 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
uClibc-ng Integer Overflow or Wraparound

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

Action-Not Available
Vendor-uclibc-ng_projectuClibc-ng
Product-uclibc-nguClibc-ng
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-27417
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.6||MEDIUM
EPSS-0.18% / 40.08%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:17
Updated-16 Apr, 2025 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
eCosCentric eCosPro RTOS Integer Overflow or Wraparound

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc (an implementation of malloc). The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow.

Action-Not Available
Vendor-ecoscentriceCosCentric
Product-ecosproeCosPro RTOS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-27439
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-1.05% / 76.65%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:26
Updated-16 Apr, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TencentOS-tiny Integer Overflow or Wraparound

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tos_mmheap_alloc incorrect calculation of effective memory allocation size. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

Action-Not Available
Vendor-tencentTencentOS-tiny
Product-tencentos-tinyTencentOS-tiny
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-27431
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-0.49% / 64.58%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 20:23
Updated-16 Apr, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ARM CMSIS RTOS2 Integer Overflow or Wraparound

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc (local malloc equivalent) function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution.

Action-Not Available
Vendor-Arm Limited
Product-cmsis-rtosCMSIS RTOS2
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-26706
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.76% / 72.35%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 00:19
Updated-03 Aug, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW. Because these functions use multiplication to calculate the pool sizes, the operation may cause an integer overflow if the arguments are large enough. The resulting memory pool will be smaller than expected and may be exploited by an attacker.

Action-Not Available
Vendor-micriumn/a
Product-uc\/libn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-0838
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-5.9||MEDIUM
EPSS-0.09% / 26.13%
||
7 Day CHG~0.00%
Published-21 Feb, 2025 | 14:20
Updated-30 Jul, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap Buffer overflow in Abseil

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Action-Not Available
Vendor-abseilabseilDebian GNU/Linux
Product-debian_linuxcommon_librariesabseil-cpp
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-26109
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-8.1||HIGH
EPSS-1.34% / 79.27%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 12:22
Updated-25 Oct, 2024 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortinet FortiOS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-24036
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.86% / 85.73%
||
7 Day CHG+0.16%
Published-23 Jul, 2021 | 00:30
Updated-03 Aug, 2024 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions prior to 4.80.5, all versions between 4.81.0 and 4.102.1, all versions between 4.103.0 and 4.113.0, and versions 4.114.0, 4.115.0, 4.116.0, 4.117.0, 4.118.0 and 4.118.1.

Action-Not Available
Vendor-Facebook
Product-follyhhvmfollyHHVM
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10627
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 67.27%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2

Action-Not Available
Vendor-Qualcomm Technologies, Inc.HP Inc.
Product-j9v80ad3q15ad3q20a_firmwared3q21dd9l64aj6u57b_firmwarek9z74d_firmwared3q21bj6u51b_firmwarej6u57a_firmwarew2z53b_firmwarej6u57bd9l64a_firmwarej3p65a_firmwarej9v82ad3q21d_firmwarej6u55a_firmwared3q15a_firmwarek9z74a_firmwared9l63a_firmwared3q21cj6u55d_firmwared3q15dj6u57aj9v80a_firmwarej9v80b_firmwarej9v80bd3q17aw2z52bd3q20b_firmwarew2z52b_firmwared3q21aj3p65ad3q21a_firmwared3q20dd3q19d2dr21dd3q20c_firmwared3q20d_firmwared3q19ak9z74aj6u55ad3q20aj3p68a_firmwarek9z76b_firmwared3q16dj6u51bj9v78b_firmwarek9z76a_firmwared3q15bd3q17d_firmwarek9z76ad3q21c_firmwareipsd3q17a_firmwarej9v82d_firmwared3q17dd3q16aj9v82dd9l63ad3q16d_firmwaret0g70a_firmwarej6u55dk9z76d_firmwarek9z76dk9z76bd3q19bd3q20bd3q15b_firmware2dr21d_firmwared3q15d_firmwarej3p68ak9z74dd3q20cd3q19b_firmwarew2z53bd3q16a_firmwared3q19d_firmwaret0g70aj9v82a_firmwarej9v78bd3q19a_firmwared3q21b_firmwarePostScript and PDF printers that use IPS versions prior to 2019.2
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2010-4202
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.89% / 74.57%
||
7 Day CHG~0.00%
Published-05 Nov, 2010 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncGoogle LLC
Product-linux_kernelchromen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-48335
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.93%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 00:00
Updated-04 Dec, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow.

Action-Not Available
Vendor-widevinen/a
Product-trusted_applicationn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10572
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.62%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-49112
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.8||CRITICAL
EPSS-87.02% / 99.40%
||
7 Day CHG+0.34%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_server_2016windows_10_1809windows_server_2012windows_11_22h2windows_server_2025windows_11_24h2windows_10_21h2windows_server_2022_23h2windows_10_22h2windows_10_1507windows_server_2022windows_10_1607windows_server_2019Windows 10 Version 22H2Windows Server 2012Windows 10 Version 1809Windows 11 version 22H3Windows 11 Version 23H2Windows Server 2008 R2 Service Pack 1Windows 10 Version 1607Windows Server 2016Windows Server 2025 (Server Core installation)Windows 11 Version 24H2Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1507Windows Server 2022Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-47537
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.20% / 42.54%
||
7 Day CHG+0.02%
Published-11 Dec, 2024 | 18:51
Updated-19 Dec, 2024 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GHSL-2024-094: GStreamer has an OOB-write in isomp4/qtdemux.c

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10.

Action-Not Available
Vendor-gstreamer_projectgstreamer
Product-gstreamergstreamer
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-47606
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.59% / 68.17%
||
7 Day CHG+0.07%
Published-11 Dec, 2024 | 19:12
Updated-24 Jul, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned) size, causing the overflow of the 'slice_size' variable. As a result, only 0x89 bytes are allocated, despite the large input size. When the following memcpy call occurs in gst_buffer_fill, the data from the input file will overwrite the content of the GstMapInfo info structure. Finally, during the call to gst_memory_unmap, the overwritten memory may cause a function pointer hijack, as the mem->allocator->mem_unmap_full function is called with a corrupted pointer. This function pointer overwrite could allow an attacker to alter the execution flow of the program, leading to arbitrary code execution. This vulnerability is fixed in 1.24.10.

Action-Not Available
Vendor-gstreamer_projectgstreamerDebian GNU/Linux
Product-debian_linuxgstreamergstreamer
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2024-46483
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.94% / 85.90%
||
7 Day CHG~0.00%
Published-22 Oct, 2024 | 00:00
Updated-23 Oct, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.

Action-Not Available
Vendor-n/axlightftpd
Product-n/axlight_ftp_server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-46613
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.33% / 54.92%
||
7 Day CHG+0.03%
Published-10 Nov, 2024 | 00:00
Updated-19 Nov, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_free_split, string_free_split_command, and string_free_split_tags.

Action-Not Available
Vendor-weechatn/aweechat
Product-weechatn/aweechat
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-43566
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-8.93% / 92.24%
||
7 Day CHG~0.00%
Published-17 Oct, 2024 | 22:39
Updated-08 Jul, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-edge_chromiumMicrosoft Edge (Chromium-based)
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-43091
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.27%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 17:25
Updated-17 Dec, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-40765
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.01%
||
7 Day CHG~0.00%
Published-09 Jan, 2025 | 07:12
Updated-09 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.

Action-Not Available
Vendor-SonicWall Inc.
Product-SonicOS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-22875
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.07% / 86.22%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:43
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-jsishn/a
Product-jsishn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2009-0947
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.43%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 15:58
Updated-07 Aug, 2024 | 04:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.

Action-Not Available
Vendor-n/aApple Inc.
Product-filesn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-41184
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.17% / 38.74%
||
7 Day CHG-0.14%
Published-18 Jul, 2024 | 00:00
Updated-02 Aug, 2024 | 04:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user.

Action-Not Available
Vendor-n/aacassen
Product-n/akeepalived
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-8794
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-6.07% / 90.39%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 20:00
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

Action-Not Available
Vendor-rdesktopDebian GNU/LinuxCheck Point Software Technologies Ltd.openSUSE
Product-rdesktopdebian_linuxleaprdesktop
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-8795
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-6.79% / 90.94%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 20:00
Updated-16 Sep, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.

Action-Not Available
Vendor-rdesktopDebian GNU/LinuxCheck Point Software Technologies Ltd.openSUSE
Product-rdesktopdebian_linuxleaprdesktop
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-2921
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.1||HIGH
EPSS-2.15% / 83.56%
||
7 Day CHG~0.00%
Published-07 Nov, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An attacker needs to send a specially crafted websocket packet over network to trigger this vulnerability.

Action-Not Available
Vendor-cesantaCesanta
Product-mongooseMongoose
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found