Vulnerabilities > Integer Overflow or Wraparound

DATE CVE VULNERABILITY TITLE RISK
2017-04-02 CVE-2016-6177 Integer Overflow or Wraparound vulnerability in Huawei Oceanstor 5800 V3 Firmware V300R003C00
The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability.
network
low complexity
huawei CWE-190
4.0
2017-04-02 CVE-2017-2440 Integer Overflow or Wraparound vulnerability in Apple products
An issue was discovered in certain Apple products.
network
apple CWE-190
critical
9.3
2017-04-01 CVE-2017-7395 Integer Overflow or Wraparound vulnerability in Tigervnc 1.7.1
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server.
network
low complexity
tigervnc CWE-190
4.0
2017-03-29 CVE-2017-7294 Integer Overflow or Wraparound vulnerability in Linux Kernel
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.
local
low complexity
linux CWE-190
7.8
2017-03-28 CVE-2016-9123 Integer Overflow or Wraparound vulnerability in Go-Jose Project Go-Jose
go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures.
network
low complexity
go-jose-project CWE-190
5.0
2017-03-27 CVE-2017-5931 Integer Overflow or Wraparound vulnerability in Qemu
Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.
local
low complexity
qemu CWE-190
8.8
2017-03-23 CVE-2016-9557 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper
Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file.
4.3
2017-03-23 CVE-2016-9387 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.
6.8
2017-03-23 CVE-2016-9262 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper
Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities.
4.3
2017-03-20 CVE-2017-6839 Integer Overflow or Wraparound vulnerability in Audiofile 0.3.6
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
network
audiofile CWE-190
4.3