Vulnerabilities (CVE)

CWE filter

CWE-190

Filter

1003 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-11894 1 Google 1 Android 2019-04-18 7.2
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW.
CVE-2018-20506 2 Apple, Sqlite 7 Icloud, Itunes, Sqlite and 4 more 2019-04-17 6.8
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to...
CVE-2018-20346 5 Google, Sqlite, Debian and 2 more 5 Chrome, Sqlite, Debian Linux and 2 more 2019-04-17 6.8
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code...
CVE-2018-19665 1 Qemu 1 Qemu 2019-04-17 2.7
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
CVE-2017-18233 2 Debian, Canonical 2 Debian Linux, Ubuntu Linux 2019-04-16 4.3
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
CVE-2019-11072 1 Lighttpd 1 Lighttpd 2019-04-16 7.5
lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling...
CVE-2018-18356 5 Google, Debian, Redhat and 2 more 10 Chrome, Debian Linux, Enterprise Linux Desktop and 7 more 2019-04-16 6.8
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-20406 3 Python, Debian, Fedoraproject 3 Python, Debian Linux, Fedora 2019-04-16 5.0
Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is...
CVE-2019-3857 5 Libssh2, Netapp, Debian and 2 more 10 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 7 more 2019-04-15 6.8
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to...
CVE-2019-3856 5 Libssh2, Netapp, Debian and 2 more 10 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 7 more 2019-04-15 6.8
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client...
CVE-2019-3855 6 Libssh2, Netapp, Debian and 3 more 11 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 8 more 2019-04-15 9.3
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client...
CVE-2018-0360 2 Clamav, Canonical 2 Clamav, Ubuntu Linux 2019-04-11 4.3
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
CVE-2019-0689 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-04-09 4.6
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692,...
CVE-2019-0692 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-04-09 4.6
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689,...
CVE-2019-0693 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-04-09 4.6
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689,...
CVE-2019-0694 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-04-09 4.6
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689,...
CVE-2019-0682 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-04-09 4.6
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692,...
CVE-2018-14618 4 Haxx, Canonical, Debian and 1 more 4 Libcurl, Ubuntu Linux, Debian Linux and 1 more 2019-04-09 10.0
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to...
CVE-2018-13226 1 Ylctoken Project 1 Ylctoken 2019-04-08 5.0
The sell function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
CVE-2016-1753 1 Apple 5 Mac Os X, Iphone Os, Watchos and 2 more 2019-03-25 9.3
Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.