Total
3306 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-31631 | 3 Php, Redhat, Sqlite | 3 Php, Enterprise Linux, Sqlite | 2025-07-02 | 9.1 Critical |
| In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities. | ||||
| CVE-2023-28909 | 2025-06-30 | 8 High | ||
| A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. An attacker can leverage this vulnerability to bypass the MTU check on a channel with enabled fragmentation. Consequently, this can lead to a buffer overflow in upper layer profiles, which can be used to obtain remote code execution. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. | ||||
| CVE-2023-28908 | 2025-06-30 | 5.4 Medium | ||
| A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. | ||||
| CVE-2023-28903 | 2025-06-30 | 3.3 Low | ||
| An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system. | ||||
| CVE-2024-34733 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-34399 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 9.8 Critical |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow. | ||||
| CVE-2023-34406 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | 3.3 Low |
| An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | ||||
| CVE-2025-6603 | 2025-06-26 | 5.3 Medium | ||
| A vulnerability was found in coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e. It has been rated as problematic. Affected by this issue is the function qcow_make_empty of the file qCUDA/qcu-device/block/qcow.c. The manipulation of the argument s->l1_size leads to integer overflow. The attack needs to be approached locally. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. | ||||
| CVE-2023-36328 | 2 Fedoraproject, Libtom | 2 Fedora, Libtommath | 2025-06-26 | 9.8 Critical |
| Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). | ||||
| CVE-2010-1233 | 1 Google | 1 Chrome | 2025-06-25 | N/A |
| Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects. | ||||
| CVE-2022-20685 | 1 Cisco | 3 Cyber Vision, Firepower Threat Defense, Unified Threat Defense Snort Intrusion Prevention System Engine | 2025-06-24 | 7.5 High |
| A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | ||||
| CVE-2025-49710 | 1 Mozilla | 1 Firefox | 2025-06-24 | 9.8 Critical |
| An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4. | ||||
| CVE-2024-23337 | 2 Jqlang, Redhat | 7 Jq, Enterprise Linux, Rhel Aus and 4 more | 2025-06-24 | 4.3 Medium |
| jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue. | ||||
| CVE-2025-52935 | 1 Dragonflydb | 1 Dragonfly | 2025-06-24 | N/A |
| Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly (src/redis/lua/struct modules). This vulnerability is associated with program files lua_struct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18. | ||||
| CVE-2023-32881 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-18 | 4.4 Medium |
| In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080. | ||||
| CVE-2023-6780 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Glibc, Enterprise Linux | 2025-06-17 | 5.3 Medium |
| An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer. | ||||
| CVE-2024-23307 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-06-17 | 4.4 Medium |
| Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. | ||||
| CVE-2023-31034 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2025-06-17 | 6.6 Medium |
| NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. | ||||
| CVE-2024-20654 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-17 | 8 High |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-47992 | 1 Freeimage Project | 1 Freeimage | 2025-06-17 | 8.8 High |
| An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code. | ||||