Vulnerabilities > Numeric Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-14 | CVE-2014-10375 | Numeric Errors vulnerability in GNU Exosip 3.5.0/4.0.0/4.1.0 handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header. | 7.5 |
2019-07-15 | CVE-2019-1010294 | Numeric Errors vulnerability in Linaro Op-Tee Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. | 7.5 |
2019-05-09 | CVE-2019-11837 | Numeric Errors vulnerability in F5 NJS njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c. | 7.5 |
2019-02-19 | CVE-2019-5755 | Numeric Errors vulnerability in multiple products Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 8.1 |
2019-02-01 | CVE-2019-7308 | Numeric Errors vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. | 5.6 |
2018-04-18 | CVE-2016-10490 | Numeric Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, if a negative value is passed as argument "max" to qurt_qdi_state_local_new_handle_from_obj, an buffer overflow occurs, due to typecasting the signed integer to unsigned. | 9.8 |
2018-02-27 | CVE-2016-10714 | Numeric Errors vulnerability in multiple products In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters. | 9.8 |
2017-10-06 | CVE-2015-2158 | Numeric Errors vulnerability in Pngcrush Project Pngcrush Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file. | 7.8 |
2017-06-06 | CVE-2016-9961 | Numeric Errors vulnerability in multiple products game-music-emu before 0.6.1 mishandles unspecified integer values. network low complexity game-music-emu-project fedoraproject opensuse-project opensuse novell CWE-189 critical | 9.8 |
2017-06-06 | CVE-2014-9924 | Numeric Errors vulnerability in Google Android In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | 7.8 |