Vulnerabilities > Numeric Errors

DATE CVE VULNERABILITY TITLE RISK
2016-01-15 CVE-2016-0859 Numeric Errors vulnerability in Advantech Webaccess
Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request.
network
low complexity
advantech CWE-189
critical
9.8
2016-01-12 CVE-2016-1715 Numeric Errors vulnerability in multiple products
The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location.
local
high complexity
microsoft mcafee CWE-189
6.6
2016-01-12 CVE-2015-8396 Numeric Errors vulnerability in Grassroots Dicom Project Grassroots Dicom
Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.
network
low complexity
grassroots-dicom-project CWE-189
critical
10.0
2016-01-08 CVE-2015-5259 Numeric Errors vulnerability in Apache Subversion 1.9.0/1.9.1/1.9.2
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
network
low complexity
apache CWE-189
8.6
2015-12-24 CVE-2015-8664 Numeric Errors vulnerability in Google Chrome
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792.
network
low complexity
google CWE-189
8.8