Total
3239 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15873 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-06-09 | 5.5 Medium |
| The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | ||||
| CVE-2013-7354 | 1 Libpng | 1 Libpng | 2025-06-09 | 6.5 Medium |
| Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | ||||
| CVE-2013-7353 | 1 Libpng | 1 Libpng | 2025-06-09 | 6.5 Medium |
| Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | ||||
| CVE-2011-3045 | 6 Debian, Fedoraproject, Google and 3 more | 13 Debian Linux, Fedora, Chrome and 10 more | 2025-06-09 | 8.8 High |
| Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||||
| CVE-2021-38185 | 2 Gnu, Redhat | 2 Cpio, Enterprise Linux | 2025-06-09 | 7.8 High |
| GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | ||||
| CVE-2025-48174 | 1 Aomedia | 1 Libavif | 2025-06-04 | 4.5 Medium |
| In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. | ||||
| CVE-2024-23851 | 1 Linux | 1 Linux Kernel | 2025-06-04 | 5.5 Medium |
| copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl. | ||||
| CVE-2025-47294 | 1 Fortinet | 1 Fortios | 2025-06-04 | 4.8 Medium |
| A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request. | ||||
| CVE-2024-36617 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 6.2 Medium |
| FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder. | ||||
| CVE-2024-35369 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 5.5 Medium |
| In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in undefined behavior or crashes during the decoding process. | ||||
| CVE-2024-36619 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 5.3 Medium |
| FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service (DoS) condition. | ||||
| CVE-2024-36618 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 6.2 Medium |
| FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition. | ||||
| CVE-2024-36616 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 6.5 Medium |
| An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file. | ||||
| CVE-2024-35366 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 9.1 Critical |
| FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. | ||||
| CVE-2024-36613 | 1 Ffmpeg | 1 Ffmpeg | 2025-06-03 | 6.2 Medium |
| FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior. | ||||
| CVE-2023-47994 | 1 Freeimage Project | 1 Freeimage | 2025-06-03 | 8.8 High |
| An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. | ||||
| CVE-2023-28185 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-03 | 5.5 Medium |
| An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to cause a denial-of-service. | ||||
| CVE-2023-35057 | 1 Tonybybell | 1 Gtkwave | 2025-06-03 | 7.8 High |
| An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-38618 | 1 Tonybybell | 1 Gtkwave | 2025-06-03 | 7.8 High |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array. | ||||
| CVE-2023-38623 | 1 Tonybybell | 1 Gtkwave | 2025-06-03 | 7.8 High |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `vindex_offset` array. | ||||