Vulnerabilities > Integer Overflow or Wraparound
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2017-18257 | Integer Overflow or Wraparound vulnerability in multiple products The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | 5.5 |
| 2018-04-04 | CVE-2018-6917 | Integer Overflow or Wraparound vulnerability in Freebsd In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. | 7.5 |
| 2018-04-03 | CVE-2018-5820 | Integer Overflow or Wraparound vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wma_tbttoffset_update_event_handler(), a parameter received from firmware is used to allocate memory for a local buffer and is not properly validated. | 7.3 |
| 2018-04-03 | CVE-2017-15836 | Integer Overflow or Wraparound vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if the firmware sends a service ready event to the host with a large number in the num_hw_modes or num_phy, then it could result in an integer overflow which may potentially lead to a buffer overflow. | 7.3 |
| 2018-03-31 | CVE-2017-18255 | Integer Overflow or Wraparound vulnerability in Linux Kernel The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation. | 7.8 |
| 2018-03-30 | CVE-2017-17766 | Integer Overflow or Wraparound vulnerability in Google Android In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow. | 9.8 |
| 2018-03-27 | CVE-2018-7194 | Integer Overflow or Wraparound vulnerability in Osticket Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a large number of digits in the ticket number format setting. | 4.9 |
| 2018-03-23 | CVE-2017-15325 | Integer Overflow or Wraparound vulnerability in Huawei products The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. | 7.8 |
| 2018-03-16 | CVE-2017-15831 | Integer Overflow or Wraparound vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_ndp_end_indication_event_handler(), there is no input validation check on a event_info value coming from firmware, which can cause an integer overflow and then leads to potential heap overwrite. | 7.8 |
| 2018-03-16 | CVE-2017-14887 | Integer Overflow or Wraparound vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of messages of type eWNI_SME_MODIFY_ADDITIONAL_IES, an integer overflow leading to heap buffer overflow may potentially occur. | 7.8 |