Total
3309 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-36021 | 2 Redhat, Redis | 2 Enterprise Linux, Redis | 2025-03-07 | 5.5 Medium |
| Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. | ||||
| CVE-2023-25155 | 2 Redhat, Redis | 2 Enterprise Linux, Redis | 2025-03-07 | 5.5 Medium |
| Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. | ||||
| CVE-2024-53025 | 1 Qualcomm | 36 Fastconnect 7800, Fastconnect 7800 Firmware, Sm8750 and 33 more | 2025-03-06 | 5.5 Medium |
| Transient DOS can occur while processing UCI command. | ||||
| CVE-2022-43974 | 1 Matrixssl | 1 Matrixssl | 2025-03-06 | 8.1 High |
| MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0. | ||||
| CVE-2021-30022 | 1 Gpac | 1 Gpac | 2025-03-05 | 5.5 Medium |
| There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash. | ||||
| CVE-2021-30014 | 1 Gpac | 1 Gpac | 2025-03-05 | 5.5 Medium |
| There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash. | ||||
| CVE-2022-40983 | 1 Qt | 1 Qt | 2025-03-05 | 8.8 High |
| An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability. | ||||
| CVE-2023-21579 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-03-05 | 7.8 High |
| Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25903 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2025-03-05 | 7.8 High |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-22436 | 1 Openatom | 1 Openharmony | 2025-03-04 | 7.8 High |
| The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root. | ||||
| CVE-2025-20024 | 1 Openatom | 1 Openharmony | 2025-03-04 | 3.8 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | ||||
| CVE-2023-21716 | 1 Microsoft | 8 Office, Office Long Term Servicing Channel, Office Online Server and 5 more | 2025-02-28 | 9.8 Critical |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2023-24909 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 8 more | 2025-02-28 | 8.8 High |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-28295 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-02-28 | 7.8 High |
| Microsoft Publisher Remote Code Execution Vulnerability | ||||
| CVE-2023-35312 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 7.8 High |
| Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | ||||
| CVE-2022-20532 | 1 Google | 1 Android | 2025-02-28 | 9.8 Critical |
| In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232242894 | ||||
| CVE-2023-24863 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2023-24906 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2023-35341 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.2 Medium |
| Microsoft DirectMusic Information Disclosure Vulnerability | ||||
| CVE-2024-45555 | 1 Qualcomm | 82 Msm8996au, Msm8996au Firmware, Qam8255p and 79 more | 2025-02-28 | 8.4 High |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. | ||||