Search Results (4282 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-36337 2025-04-07 7.9 High
Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability.
CVE-2024-36328 2025-04-07 7.3 High
Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability.
CVE-2024-36336 2025-04-07 7.9 High
Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability.
CVE-2023-23144 1 Gpac 1 Gpac 2025-04-03 5.5 Medium
Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master.
CVE-2022-38725 1 Oneidentity 2 Syslog-ng, Syslog-ng Store Box 2025-04-03 7.5 High
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
CVE-2002-0844 2 Distrotech, Redhat 2 Cvs, Enterprise Linux 2025-04-03 7.8 High
Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.
CVE-2005-1141 1 Optical Character Recognition Project 1 Optical Character Recognition 2025-04-03 9.8 Critical
Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow.
CVE-2004-0342 1 Wftpd Pro Server Project 1 Wftpd Pro Server 2025-04-03 5.5 Medium
WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one error.
CVE-2002-0653 2 Modssl, Redhat 6 Mod Ssl, Enterprise Linux, Linux and 3 more 2025-04-03 7.8 High
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
CVE-2002-1816 1 Redshift 1 Atphttpd 2025-04-03 9.8 Critical
Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2003-0625 1 Hadrons 1 Xfstt 2025-04-03 7.5 High
Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response.
CVE-1999-0226 1 Microsoft 1 Windows Nt 2025-04-03 N/A
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.
CVE-2005-1891 2 Aol, Microsoft 2 Aim, Windows 2025-04-03 7.5 High
The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable.
CVE-2006-4192 2 Modplug, Redhat 2 Tracker, Enterprise Linux 2025-04-03 N/A
Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files.
CVE-2003-0466 7 Apple, Freebsd, Netbsd and 4 more 10 Mac Os X, Mac Os X Server, Freebsd and 7 more 2025-04-03 9.8 Critical
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVE-2006-3198 1 Opera 1 Opera Browser 2025-04-03 N/A
Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.
CVE-2004-2013 1 Linux 1 Linux Kernel 2025-04-03 7.8 High
Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.
CVE-2001-1391 2 Linux, Redhat 2 Linux Kernel, Linux 2025-04-03 5.5 Medium
Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.
CVE-2003-0252 2 Linux-nfs, Redhat 3 Nfs-utils, Enterprise Linux, Linux 2025-04-03 9.8 Critical
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
CVE-2005-4856 1 Ez 1 Ez Publish 2025-04-03 N/A
The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain sensitive information and see the admin pagelayout and associated templates via a request with (1) "anything after the url" or (2) a "wrong url".