| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. |
| In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. |
| In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. |
| In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. |
| Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file. |
| Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset. |
| The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. |
| The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. |
| Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call. |
| coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. |
| The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution. |
| A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36621442. |
| The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. |
| The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. |
| An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. |
| The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). |
| libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0. |
| Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code. |
| In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation. |
| In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. |