Vulnerabilities > Integer Overflow or Wraparound
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-18 | CVE-2014-9994 | Integer Overflow or Wraparound vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow. | 9.8 |
| 2018-04-17 | CVE-2018-10191 | Integer Overflow or Wraparound vulnerability in multiple products In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. | 9.8 |
| 2018-04-11 | CVE-2017-8275 | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 835, an integer overflow vulnerability exists in a video library. | 9.8 |
| 2018-04-06 | CVE-2018-9838 | Integer Overflow or Wraparound vulnerability in Ocaml 4.06.0 The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. | 9.8 |
| 2018-04-04 | CVE-2017-18257 | Integer Overflow or Wraparound vulnerability in multiple products The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | 5.5 |
| 2018-04-04 | CVE-2018-6917 | Integer Overflow or Wraparound vulnerability in Freebsd In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. | 7.5 |
| 2018-04-03 | CVE-2018-5820 | Integer Overflow or Wraparound vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wma_tbttoffset_update_event_handler(), a parameter received from firmware is used to allocate memory for a local buffer and is not properly validated. | 7.3 |
| 2018-04-03 | CVE-2017-15836 | Integer Overflow or Wraparound vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if the firmware sends a service ready event to the host with a large number in the num_hw_modes or num_phy, then it could result in an integer overflow which may potentially lead to a buffer overflow. | 7.3 |
| 2018-03-31 | CVE-2017-18255 | Integer Overflow or Wraparound vulnerability in Linux Kernel The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation. | 7.8 |
| 2018-03-30 | CVE-2017-17766 | Integer Overflow or Wraparound vulnerability in Google Android In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow. | 9.8 |