Search Results (4282 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1185 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2025-04-11 7.8 High
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
CVE-2011-1770 3 Fedoraproject, Linux, Redhat 4 Fedora, Linux Kernel, Enterprise Linux and 1 more 2025-04-11 7.5 High
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read.
CVE-2012-2113 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-11 N/A
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
CVE-2013-4332 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2025-04-11 N/A
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
CVE-2012-0067 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.
CVE-2012-0501 3 Oracle, Redhat, Sun 5 Jre, Enterprise Linux, Network Satellite and 2 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors.
CVE-2013-6425 5 Canonical, Debian, Opensuse and 2 more 11 Ubuntu Linux, Debian Linux, Opensuse and 8 more 2025-04-11 N/A
Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
CVE-2012-2383 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-11 N/A
Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.
CVE-2012-2807 4 Apple, Google, Linux and 1 more 4 Iphone Os, Chrome, Linux Kernel and 1 more 2025-04-11 N/A
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2013-6114 1 Apple 1 Motion 2025-04-11 N/A
Integer overflow in the OZDocument::parseElement function in Apple Motion 5.0.7 allows remote attackers to cause a denial of service (application crash) via a (1) large or (2) small value in the subview attribute of a viewer element in a .motn file.
CVE-2010-4162 5 Fedoraproject, Linux, Opensuse and 2 more 9 Fedora, Linux Kernel, Opensuse and 6 more 2025-04-11 N/A
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.
CVE-2010-4164 4 Debian, Linux, Opensuse and 1 more 7 Debian Linux, Linux Kernel, Opensuse and 4 more 2025-04-11 N/A
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873.
CVE-2011-3065 1 Google 1 Chrome 2025-04-11 N/A
Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2013-0899 6 Apple, Google, Linux and 3 more 9 Ipados, Iphone Os, Mac Os X and 6 more 2025-04-11 N/A
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.
CVE-2010-4530 2 Muscle, Redhat 2 Pcsc-lite, Enterprise Linux 2025-04-11 N/A
Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.
CVE-2013-1721 1 Mozilla 2 Firefox, Seamonkey 2025-04-11 N/A
Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2010-0739 2 Redhat, Tug 3 Enterprise Linux, Tetex, Tex Live 2025-04-11 N/A
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVE-2012-1867 1 Microsoft 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more 2025-04-11 8.4 High
Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file that triggers incorrect memory allocation, aka "Font Resource Refcount Integer Overflow Vulnerability."
CVE-2012-2036 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.
CVE-2010-0001 2 Gnu, Redhat 2 Gzip, Enterprise Linux 2025-04-11 N/A
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.