Vulnerabilities > Integer Underflow (Wrap or Wraparound)

DATE CVE VULNERABILITY TITLE RISK
2018-04-18 CVE-2015-9167 Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.
network
low complexity
qualcomm CWE-191
critical
9.8
2018-04-18 CVE-2015-9129 Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs.
network
low complexity
qualcomm CWE-191
critical
9.8
2018-02-28 CVE-2018-7569 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
local
low complexity
gnu redhat CWE-191
5.5
2018-02-04 CVE-2018-6612 Integer Underflow (Wrap or Wraparound) vulnerability in Jhead Project Jhead 3.0
An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact.
local
low complexity
jhead-project CWE-191
5.5
2018-01-09 CVE-2015-1208 Integer Underflow (Wrap or Wraparound) vulnerability in Ffmpeg
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
local
low complexity
ffmpeg CWE-191
5.5
2017-10-24 CVE-2017-15874 Integer Underflow (Wrap or Wraparound) vulnerability in Busybox 1.27.2
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
local
low complexity
busybox CWE-191
5.5
2017-10-04 CVE-2017-14997 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
network
low complexity
graphicsmagick debian CWE-191
6.5
2017-10-03 CVE-2017-14496 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
7.5
2017-09-28 CVE-2017-14796 Integer Underflow (Wrap or Wraparound) vulnerability in Libbpg Project Libbpg 0.9.7
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in hevc_filter.c in libavcodec in FFmpeg and sao_filter_CTB in hevc_filter.c in libavcodec in FFmpeg.
network
low complexity
libbpg-project CWE-191
8.8
2017-08-24 CVE-2017-13666 Integer Underflow (Wrap or Wraparound) vulnerability in Multicorewareinc X265
An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products.
local
low complexity
multicorewareinc CWE-191
5.5