Search Results (3374 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1679 2 Python, Redhat 2 Python, Enterprise Linux 2025-04-09 N/A
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.
CVE-2008-1446 1 Microsoft 4 Internet Information Services, Windows 2000, Windows Server 2003 and 1 more 2025-04-09 N/A
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
CVE-2007-4965 2 Python, Redhat 3 Python, Enterprise Linux, Network Satellite 2025-04-09 N/A
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows.
CVE-2007-3798 7 Apple, Canonical, Debian and 4 more 8 Mac Os X, Mac Os X Server, Ubuntu Linux and 5 more 2025-04-09 9.8 Critical
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
CVE-2009-0723 5 Gimp, Littlecms, Mozilla and 2 more 5 Gimp, Little Cms, Firefox and 2 more 2025-04-09 N/A
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVE-2007-4997 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-09 N/A
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error."
CVE-2007-0221 1 Microsoft 1 Exchange Server 2025-04-09 N/A
Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."
CVE-2009-3909 2 Gimp, Redhat 2 Gimp, Enterprise Linux 2025-04-09 N/A
Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.
CVE-2008-2376 2 Redhat, Ruby-lang 3 Enterprise Linux, Fedora 8, Ruby 2025-04-09 N/A
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
CVE-2008-1720 1 Samba 1 Rsync 2025-04-09 N/A
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
CVE-2007-4988 3 Canonical, Imagemagick, Redhat 3 Ubuntu Linux, Imagemagick, Enterprise Linux 2025-04-09 7.8 High
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.
CVE-2007-4769 3 Postgresql, Redhat, Tcl Tk 4 Postgresql, Enterprise Linux, Rhel Application Stack and 1 more 2025-04-09 N/A
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
CVE-2006-5937 1 Grisoft 1 Avg Antivirus 2025-04-09 N/A
Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVE-2009-3606 5 Foolabs, Glyphandcog, Kde and 2 more 5 Xpdf, Xpdfreader, Kpdf and 2 more 2025-04-09 N/A
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
CVE-2022-3515 3 Gnupg, Gpg4win, Redhat 10 Gnupg, Libksba, Vs-desktop and 7 more 2025-04-08 9.8 Critical
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
CVE-2023-29364 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-08 7 High
Windows Authentication Elevation of Privilege Vulnerability
CVE-2023-22895 1 Bzip2 Project 1 Bzip2 2025-04-07 7.5 High
The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.
CVE-2022-1812 1 Publify Project 1 Publify 2025-04-07 9.8 Critical
Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10.
CVE-2024-36336 2025-04-07 7.9 High
Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability.
CVE-2024-36337 2025-04-07 7.9 High
Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability.