Vulnerabilities (CVE)

Filtered by CWE-191
Total 256 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-15418 1 Cisco 5 Webex Business Suite 31, Webex Business Suite 32, Webex Business Suite 33 and 2 more 2024-02-28 9.3 HIGH 7.8 HIGH
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.
CVE-2018-14817 1 Fujielectric 2 V-server, V-server Firmware 2024-02-28 7.5 HIGH 9.8 CRITICAL
Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow vulnerability has been identified, which may allow remote code execution.
CVE-2018-3999 1 Atlantiswordprocessor 1 Atlantis Word Processor 2024-02-28 6.8 MEDIUM 7.8 HIGH
An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and then used in a copying operation. Due to the length underflow, the application will then write outside the bounds of a stack buffer, resulting in a buffer overflow. An attacker must convince a victim to open a document in order to trigger this vulnerability.
CVE-2017-18170 1 Qualcomm 50 Qca9379, Qca9379 Firmware, Sd 205 and 47 more 2024-02-28 8.3 HIGH 8.8 HIGH
Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016.
CVE-2018-14325 1 Techsmith 1 Mp4v2 2024-02-28 6.8 MEDIUM 8.8 HIGH
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
CVE-2018-16601 1 Amazon 2 Amazon Web Services Freertos, Freertos 2024-02-28 6.8 MEDIUM 8.1 HIGH
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
CVE-2018-11301 1 Google 1 Android 2024-02-28 4.6 MEDIUM 7.8 HIGH
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow.
CVE-2018-12230 1 Remicoin Project 1 Remicoin 2024-02-28 5.0 MEDIUM 7.5 HIGH
An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks.
CVE-2018-12025 1 Futurxe 1 Futurxe 2024-02-28 5.0 MEDIUM 7.5 HIGH
The transferFrom function of a smart contract implementation for FuturXE (FXE), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized transfer of digital assets because of a logic error. The developer messed up with the boolean judgment - if the input value is smaller than or equal to allowed value, the transfer session would stop execution by returning false. This makes no sense, because the transferFrom() function should require the transferring value to not exceed the allowed value in the first place. Suppose this function asks for the allowed value to be smaller than the input. Then, the attacker could easily ignore the allowance: after this condition, the `allowed[from][msg.sender] -= value;` would cause an underflow because the allowed part is smaller than the value. The attacker could transfer any amount of FuturXe tokens of any accounts to an appointed account (the `_to` address) because the allowed value is initialized to 0, and the attacker could bypass this restriction even without the victim's private key.
CVE-2018-5865 1 Google 1 Android 2024-02-28 2.1 LOW 5.5 MEDIUM
While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur.
CVE-2018-6612 1 Jhead Project 1 Jhead 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact.
CVE-2015-9167 1 Qualcomm 36 Sd 410, Sd 410 Firmware, Sd 412 and 33 more 2024-02-28 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.
CVE-2015-9129 1 Qualcomm 50 Mdm9206, Mdm9206 Firmware, Mdm9650 and 47 more 2024-02-28 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs.
CVE-2018-5850 1 Google 1 Android 2024-02-28 9.3 HIGH 7.8 HIGH
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-7569 2 Gnu, Redhat 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
CVE-2015-9198 1 Qualcomm 70 Ipq4019, Ipq4019 Firmware, Mdm9206 and 67 more 2024-02-28 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory.
CVE-2017-15874 1 Busybox 1 Busybox 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
CVE-2015-1208 1 Ffmpeg 1 Ffmpeg 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
CVE-2015-2311 1 Capnproto 1 Capnproto 2024-02-28 7.5 HIGH 9.8 CRITICAL
Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message.
CVE-2017-14796 1 Libbpg Project 1 Libbpg 2024-02-28 6.8 MEDIUM 8.8 HIGH
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in hevc_filter.c in libavcodec in FFmpeg and sao_filter_CTB in hevc_filter.c in libavcodec in FFmpeg.