Vulnerabilities > Integer Overflow or Wraparound

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2017-6290 Integer Overflow or Wraparound vulnerability in Google Android
In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed.
local
low complexity
google CWE-190
7.2
2018-05-31 CVE-2018-11590 Integer Overflow or Wraparound vulnerability in Espruino
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing.
network
espruino CWE-190
4.3
2018-05-29 CVE-2018-10751 Integer Overflow or Wraparound vulnerability in Samsung Mobile
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload.
network
high complexity
samsung CWE-190
5.4
2018-05-23 CVE-2018-1126 Integer Overflow or Wraparound vulnerability in multiple products
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues.
7.5
2018-05-23 CVE-2018-1124 Integer Overflow or Wraparound vulnerability in multiple products
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function.
4.6
2018-05-19 CVE-2018-11239 Integer Overflow or Wraparound vulnerability in Hexagontoken Hexagon
An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in May 2018, aka the "burnOverflow" issue.
network
low complexity
hexagontoken CWE-190
5.0
2018-05-18 CVE-2018-11236 Integer Overflow or Wraparound vulnerability in multiple products
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
network
low complexity
gnu redhat oracle netapp CWE-190
critical
9.8
2018-05-10 CVE-2018-10973 Integer Overflow or Wraparound vulnerability in Koreashow Project Koreashow
An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters.
network
low complexity
koreashow-project CWE-190
5.0
2018-05-10 CVE-2018-10706 Integer Overflow or Wraparound vulnerability in Social-Chain Social Chain
An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue.
network
low complexity
social-chain CWE-190
5.0
2018-04-25 CVE-2018-10376 Integer Overflow or Wraparound vulnerability in Smartmesh
An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in April 2018, aka the "proxyOverflow" issue.
network
low complexity
smartmesh CWE-190
5.0