Vulnerabilities > Integer Overflow or Wraparound

DATE CVE VULNERABILITY TITLE RISK
2017-03-28 CVE-2016-9123 Integer Overflow or Wraparound vulnerability in Go-Jose Project Go-Jose
go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures.
network
low complexity
go-jose-project CWE-190
7.5
7.5
2017-03-27 CVE-2017-5931 Integer Overflow or Wraparound vulnerability in Qemu
Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.
local
low complexity
qemu CWE-190
8.8
8.8
2017-03-23 CVE-2016-9557 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper
Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file.
local
low complexity
jasper-project CWE-190
5.5
5.5
2017-03-23 CVE-2016-9387 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.
local
low complexity
jasper-project CWE-190
7.8
7.8
2017-03-23 CVE-2016-9262 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper
Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities.
local
low complexity
jasper-project CWE-190
5.5
5.5
2017-03-20 CVE-2017-6839 Integer Overflow or Wraparound vulnerability in Audiofile 0.3.6
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
local
low complexity
audiofile CWE-190
5.5
5.5
2017-03-20 CVE-2017-6838 Integer Overflow or Wraparound vulnerability in Audiofile 0.3.6
Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
local
low complexity
audiofile CWE-190
5.5
5.5
2017-03-20 CVE-2015-8983 Integer Overflow or Wraparound vulnerability in GNU Glibc
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.
network
high complexity
gnu CWE-190
8.1
8.1
2017-03-17 CVE-2015-4645 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
local
low complexity
squashfs-project fedoraproject CWE-190
5.5
5.5
2017-03-17 CVE-2017-6962 Integer Overflow or Wraparound vulnerability in Apng2Gif Project Apng2Gif 1.7
An issue was discovered in apng2gif 1.7.
network
low complexity
apng2gif-project CWE-190
7.5
7.5