Vulnerabilities (CVE)

CWE filter

CWE-189

Filter

1420 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-2105 8 Openssl, Apple, Oracle and 5 more 16 Leap, Openssl, Enterprise Linux Desktop and 13 more 2019-02-21 5.0
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
CVE-2019-7308 1 Linux 1 Linux Kernel 2019-02-20 7.5
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to...
CVE-2019-5755 1 Google 1 Chrome 2019-02-20 5.8
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
CVE-2015-7869 2 Nvidia, Canonical 2 Ubuntu Linux, Gpu Driver 2019-02-13 6.6
Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before...
CVE-2014-9192 1 Trihedral 1 Vtscada 2019-02-01 5.0
Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers...
CVE-2017-14502 1 Libarchive 1 Libarchive 2019-01-17 5.0
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.
CVE-2015-0852 1 Freeimage Project 1 Freeimage 2019-01-16 5.0
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.
CVE-2018-9263 1 Wireshark 1 Wireshark 2019-01-16 5.0
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length.
CVE-2018-19623 1 Wireshark 1 Wireshark 2019-01-16 4.3
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in...
CVE-2009-0887 2 Kernel, Linux-pam 2 Linux-pam, Linux-pam 2019-01-03 6.6
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow...
CVE-2015-8364 2 Ffmpeg, Canonical 2 Ffmpeg, Ubuntu Linux 2018-12-21 6.8
Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have...
CVE-2014-4508 2 Linux, Canonical 2 Linux Kernel, Ubuntu Linux 2018-12-18 4.7
arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid...
CVE-2013-6632 2 Google, Debian 2 Chrome, Debian Linux 2018-12-13 9.3
Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.
CVE-2014-0497 1 Adobe 1 Flash Player 2018-12-13 10.0
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2014-8589 1 Sap 1 Network Interface Router 2018-12-10 5.0
Integer overflow in SAP Network Interface Router (SAProuter) 40.4 allows remote attackers to cause a denial of service (resource consumption) via crafted requests.
CVE-2013-0639 1 Adobe 4 Adobe Air, Flash Player For Android, Adobe Air Sdk and 1 more 2018-12-06 10.0
Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on...
CVE-2012-5677 1 Adobe 3 Adobe Air, Adobe Air Sdk, Flash Player 2018-12-04 10.0
Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on...
CVE-2012-4167 1 Adobe 4 Adobe Air, Flash Player For Android, Adobe Air Sdk and 1 more 2018-12-04 10.0
Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android...
CVE-2016-2538 1 Qemu 1 Qemu 2018-12-01 3.6
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote...
CVE-2012-0642 1 Apple 1 Iphone Os 2018-11-29 9.3
Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.