Total
2841 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-22861 | 1 Ffmpeg | 1 Ffmpeg | 2025-08-11 | N/A | 7.5 HIGH |
| Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. | |||||
| CVE-2024-22862 | 1 Ffmpeg | 1 Ffmpeg | 2025-08-11 | N/A | 9.8 CRITICAL |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. | |||||
| CVE-2024-22860 | 1 Ffmpeg | 1 Ffmpeg | 2025-08-11 | N/A | 9.8 CRITICAL |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. | |||||
| CVE-2023-41185 | 1 Unified-automation | 1 Uagateway | 2025-08-08 | N/A | 7.5 HIGH |
| Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353. | |||||
| CVE-2025-2023 | 1 Ashlar | 1 Cobalt | 2025-08-08 | N/A | 7.8 HIGH |
| Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25348. | |||||
| CVE-2025-2021 | 1 Ashlar | 1 Cobalt | 2025-08-08 | N/A | 7.8 HIGH |
| Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25264. | |||||
| CVE-2023-53156 | 1 Ejmahler | 1 Transpose | 2025-08-07 | N/A | 4.5 MEDIUM |
| The transpose crate before 0.2.3 for Rust allows an integer overflow via input_width and input_height arguments. | |||||
| CVE-2024-58263 | 1 Cosmwasm | 1 Cosmwasm-std | 2025-08-07 | N/A | 3.7 LOW |
| The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations. | |||||
| CVE-2023-6478 | 4 Debian, Redhat, Tigervnc and 1 more | 6 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 3 more | 2025-08-04 | N/A | 7.6 HIGH |
| A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. | |||||
| CVE-2025-0838 | 2 Abseil, Debian | 2 Common Libraries, Debian Linux | 2025-07-30 | N/A | 9.8 CRITICAL |
| There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1 | |||||
| CVE-2014-9192 | 1 Trihedral | 1 Vtscada | 2025-07-25 | 7.8 HIGH | N/A |
| Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation. | |||||
| CVE-2025-47268 | 1 Iputils Project | 1 Iputils | 2025-07-23 | N/A | 6.5 MEDIUM |
| ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. | |||||
| CVE-2024-5197 | 2 Debian, Webmproject | 2 Debian Linux, Libvpx | 2025-07-22 | N/A | 9.1 CRITICAL |
| There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. We recommend upgrading to version 1.14.1 or beyond | |||||
| CVE-2025-49742 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-17 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally. | |||||
| CVE-2024-34663 | 1 Google | 1 Android | 2025-07-17 | N/A | 5.3 MEDIUM |
| Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-49689 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-49683 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-22471 | 1 Dell | 1 Powerscale Onefs | 2025-07-15 | N/A | 6.5 MEDIUM |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2025-48816 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-48002 | 1 Microsoft | 2 Windows 11 24h2, Windows Server 2025 | 2025-07-15 | N/A | 5.7 MEDIUM |
| Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network. | |||||