Vulnerabilities > Integer Underflow (Wrap or Wraparound)

DATE CVE VULNERABILITY TITLE RISK
2017-08-09 CVE-2015-2311 Integer Underflow (Wrap or Wraparound) vulnerability in Capnproto
Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message.
network
low complexity
capnproto CWE-191
critical
9.8
2017-07-31 CVE-2017-11757 Integer Underflow (Wrap or Wraparound) vulnerability in Actian Pervasive Psql and ZEN
Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583.
network
low complexity
actian CWE-191
critical
9.8
2017-06-13 CVE-2017-7367 Integer Underflow (Wrap or Wraparound) vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.
local
low complexity
google CWE-191
7.8
2017-05-23 CVE-2017-9214 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
network
low complexity
openvswitch debian redhat CWE-191
critical
9.8
2017-05-12 CVE-2017-8924 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
low complexity
linux debian CWE-191
4.6
2017-05-12 CVE-2017-8911 Integer Underflow (Wrap or Wraparound) vulnerability in Tnef Project Tnef 1.4.14
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14.
network
low complexity
tnef-project CWE-191
critical
9.8
2017-05-11 CVE-2017-8906 Integer Underflow (Wrap or Wraparound) vulnerability in Multicorewareinc X265 High Efficiency Video Coding 2.4
An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and other products.
local
low complexity
multicorewareinc CWE-191
5.5
2017-04-12 CVE-2017-3034 Integer Underflow (Wrap or Wraparound) vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality.
local
low complexity
adobe CWE-191
7.8
2017-03-24 CVE-2016-10268 Integer Underflow (Wrap or Wraparound) vulnerability in Libtiff 4.0.7
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.
local
low complexity
libtiff CWE-191
7.8
2017-03-15 CVE-2016-10166 Integer Underflow (Wrap or Wraparound) vulnerability in Libgd
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
network
low complexity
libgd CWE-191
critical
9.8