Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix qgroup reserve overflow the qgroup limit
We use extent_changeset->bytes_changed in qgroup_reserve_data() to record
how many bytes we set for EXTENT_QGROUP_RESE…
Medium
CVSS: 5.9
There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a…
High
CVSS: 7.1
In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrit…
High
CVSS: 7.1
In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related issue to CVE-2024-57258.
High
CVSS: 7.1
Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64.
High
CVSS: 7.1
An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memor…
High
CVSS: 7.1
An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.
High
CVSS: 7.1
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem.
Low
CVSS: 3.3
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is…
Critical
CVSS: 9.8
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow.
High
CVSS: 7.3
Integer Overflow or Wraparound vulnerability in Lexmark International CX, XC, CS, et. Al. (Postscript interpreter modules) allows Forced Integer Overflow.The vulnerability can be leveraged by an attacker to execute arbitrary code as an unpr…
Medium
CVSS: 4.9
NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A succe…
Low
CVSS: 2.3
An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity.
Medium
CVSS: 5.5
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow.
Medium
CVSS: 5.3
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus…
High
CVSS: 8.4
In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User intera…
High
CVSS: 7.8
An integer overflow was addressed through improved input validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to elevate privileges.
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
net/sctp: Prevent autoclose integer overflow in sctp_association_init()
While by default max_autoclose equals to INT_MAX / HZ, one may set
net.sctp.max_autoclose to UINT_…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
RDMA/uverbs: Prevent integer overflow issue
In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32
values that come from the user so the multiplication c…
High
CVSS: 7.8
GDI+ Remote Code Execution Vulnerability