Total
3345 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4019 | 1 Microsoft | 6 Excel, Excel Viewer, Office and 3 more | 2025-04-09 | N/A |
| Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerability." | ||||
| CVE-2008-2376 | 2 Redhat, Ruby-lang | 3 Enterprise Linux, Fedora 8, Ruby | 2025-04-09 | N/A |
| Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows. | ||||
| CVE-2009-3638 | 1 Linux | 1 Linux Kernel | 2025-04-09 | N/A |
| Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. | ||||
| CVE-2008-3520 | 2 Jasper Project, Redhat | 3 Jasper, Enterprise Linux, Rhev Manager | 2025-04-09 | N/A |
| Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation. | ||||
| CVE-2022-3515 | 3 Gnupg, Gpg4win, Redhat | 10 Gnupg, Libksba, Vs-desktop and 7 more | 2025-04-08 | 9.8 Critical |
| A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. | ||||
| CVE-2023-29364 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-08 | 7 High |
| Windows Authentication Elevation of Privilege Vulnerability | ||||
| CVE-2023-22895 | 1 Bzip2 Project | 1 Bzip2 | 2025-04-07 | 7.5 High |
| The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product. | ||||
| CVE-2022-1812 | 1 Publify Project | 1 Publify | 2025-04-07 | 9.8 Critical |
| Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2024-36328 | 2025-04-07 | 7.3 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. | ||||
| CVE-2024-36336 | 2025-04-07 | 7.9 High | ||
| Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. | ||||
| CVE-2024-36337 | 2025-04-07 | 7.9 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. | ||||
| CVE-2023-23144 | 1 Gpac | 1 Gpac | 2025-04-03 | 5.5 Medium |
| Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master. | ||||
| CVE-2022-38725 | 1 Oneidentity | 2 Syslog-ng, Syslog-ng Store Box | 2025-04-03 | 7.5 High |
| An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. | ||||
| CVE-2005-0102 | 3 Debian, Gnome, Redhat | 3 Debian Linux, Evolution, Enterprise Linux | 2025-04-03 | 9.8 Critical |
| Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. | ||||
| CVE-2006-3467 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861. | ||||
| CVE-2002-0639 | 1 Openbsd | 1 Openssh | 2025-04-03 | 9.8 Critical |
| Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. | ||||
| CVE-2004-2013 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 High |
| Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | ||||
| CVE-2006-3198 | 1 Opera | 1 Opera Browser | 2025-04-03 | N/A |
| Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. | ||||
| CVE-2005-2976 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186. | ||||
| CVE-2006-4192 | 2 Modplug, Redhat | 2 Tracker, Enterprise Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files. | ||||