Total
2409 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25516 | 1 Nvidia | 1 Gpu Display Driver | 2023-07-10 | N/A | 7.1 HIGH |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. | |||||
| CVE-2023-20690 | 3 Google, Linuxfoundation, Mediatek | 11 Android, Yocto, Mt6739 and 8 more | 2023-07-07 | N/A | 7.5 HIGH |
| In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735. | |||||
| CVE-2023-20693 | 3 Google, Linuxfoundation, Mediatek | 15 Android, Yocto, Mt6739 and 12 more | 2023-07-07 | N/A | 7.5 HIGH |
| In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711. | |||||
| CVE-2023-20691 | 3 Google, Linuxfoundation, Mediatek | 10 Android, Yocto, Mt6739 and 7 more | 2023-07-07 | N/A | 7.5 HIGH |
| In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731. | |||||
| CVE-2023-20689 | 3 Google, Linuxfoundation, Mediatek | 10 Android, Yocto, Mt6739 and 7 more | 2023-07-07 | N/A | 7.5 HIGH |
| In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741. | |||||
| CVE-2023-20755 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2023-07-07 | N/A | 6.7 MEDIUM |
| In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605. | |||||
| CVE-2023-20756 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2023-07-07 | N/A | 6.7 MEDIUM |
| In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928. | |||||
| CVE-2022-28331 | 2 Apache, Microsoft | 2 Portable Runtime, Windows | 2023-07-07 | N/A | 9.8 CRITICAL |
| On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow. | |||||
| CVE-2022-3515 | 2 Gnupg, Gpg4win | 4 Gnupg, Libksba, Vs-desktop and 1 more | 2023-07-06 | N/A | 9.8 CRITICAL |
| A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. | |||||
| CVE-2023-21193 | 1 Google | 1 Android | 2023-07-05 | N/A | 7.5 HIGH |
| In VideoFrame of VideoFrame.h, there is a possible abort due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233006499 | |||||
| CVE-2023-25004 | 1 Autodesk | 17 Alias, Autocad, Autocad Advance Steel and 14 more | 2023-07-05 | N/A | 7.8 HIGH |
| A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution. | |||||
| CVE-2022-48334 | 1 Widevine | 1 Trusted Application | 2023-07-03 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48335 | 1 Widevine | 1 Trusted Application | 2023-07-03 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48336 | 1 Widevine | 1 Trusted Application | 2023-07-03 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48331 | 1 Widevine | 1 Trusted Application | 2023-07-03 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48332 | 1 Widevine | 1 Trusted Application | 2023-07-03 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-48333 | 1 Widevine | 1 Trusted Application | 2023-07-03 | N/A | 9.8 CRITICAL |
| Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow. | |||||
| CVE-2022-32543 | 1 Estsoft | 1 Alyac | 2023-06-29 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-29886 | 1 Estsoft | 1 Alyac | 2023-06-28 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-2566 | 1 Ffmpeg | 1 Ffmpeg | 2023-06-27 | N/A | 7.8 HIGH |
| A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 | |||||