Vulnerabilities > Integer Overflow or Wraparound

DATE CVE VULNERABILITY TITLE RISK
2018-02-12 CVE-2017-17725 Integer Overflow or Wraparound vulnerability in Exiv2 0.26
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp.
network
low complexity
exiv2 CWE-190
6.5
2018-02-12 CVE-2018-6927 Integer Overflow or Wraparound vulnerability in multiple products
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
local
low complexity
linux canonical debian redhat CWE-190
7.8
2018-02-07 CVE-2017-5131 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
network
low complexity
google debian CWE-190
8.8
2018-02-07 CVE-2017-12470 Integer Overflow or Wraparound vulnerability in Ccn-Lite
Integer overflow in the ndn_parse_sequence function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the typ and vallen variables.
network
low complexity
ccn-lite CWE-190
critical
9.8
2018-02-07 CVE-2017-12465 Integer Overflow or Wraparound vulnerability in Ccn-Lite
Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have unspecified impact via vectors involving the (1) vallen variable in the iottlv_parse_sequence function or (2) typ, vallen and i variables in the localrpc_parse function.
network
low complexity
ccn-lite CWE-190
critical
9.8
2018-02-02 CVE-2018-6551 Integer Overflow or Wraparound vulnerability in GNU Glibc 2.24/2.25/2.26
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.
network
low complexity
gnu CWE-190
critical
9.8
2018-02-02 CVE-2018-6543 Integer Overflow or Wraparound vulnerability in GNU Binutils 2.30
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size.
local
low complexity
gnu CWE-190
7.8
2018-02-01 CVE-2018-6485 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
network
low complexity
gnu redhat oracle netapp CWE-190
critical
9.8
2018-01-31 CVE-2017-18043 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
local
low complexity
qemu debian canonical CWE-190
5.5
2018-01-26 CVE-2018-6323 Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1
The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used.
local
low complexity
gnu CWE-190
7.8