Vulnerabilities (CVE)

Filtered by CWE-681
Total 90 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-46848 2 Redhat, Squid-cache 5 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 2 more 2024-09-16 N/A 7.5 HIGH
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
CVE-2024-38044 1 Microsoft 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more 2024-07-11 N/A 7.2 HIGH
DHCP Server Service Remote Code Execution Vulnerability
CVE-2022-40225 1 Siemens 2 Siplus Tim 1531 Irc, Siplus Tim 1531 Irc Firmware 2024-06-24 N/A 7.5 HIGH
A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices.
CVE-2022-34169 6 Apache, Azul, Debian and 3 more 16 Xalan-java, Zulu, Debian Linux and 13 more 2024-06-21 N/A 7.5 HIGH
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
CVE-2023-23401 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2024-05-29 N/A 7.8 HIGH
Windows Media Remote Code Execution Vulnerability
CVE-2023-23388 1 Microsoft 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more 2024-05-29 N/A 8.8 HIGH
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2023-21736 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2024-05-29 N/A 7.8 HIGH
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-29346 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 7.8 HIGH
NTFS Elevation of Privilege Vulnerability
CVE-2023-24884 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 8.8 HIGH
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2024-32481 2024-04-25 N/A 5.3 MEDIUM
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a `range` of the form `range(start, start + N)`, if `start` is negative, the execution will always revert. This issue is caused by an incorrect assertion inserted by the code generation of the range `stmt.parse_For_range()`. The issue arises when `start` is signed, instead of using `sle`, `le` is used and `start` is interpreted as an unsigned integer for the comparison. If it is a negative number, its 255th bit is set to `1` and is hence interpreted as a very large unsigned integer making the assertion always fail. Any contract having a `range(start, start + N)` where `start` is a signed integer with the possibility for `start` to be negative is affected. If a call goes through the loop while supplying a negative `start` the execution will revert. Version 0.4.0b1 fixes the issue.
CVE-2024-26162 2024-04-11 N/A 8.8 HIGH
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-28063 1 Dell 582 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 579 more 2024-02-28 N/A 4.4 MEDIUM
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.
CVE-2023-3635 1 Squareup 1 Okio 2024-02-28 N/A 7.5 HIGH
GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.
CVE-2023-5184 1 Zephyrproject 1 Zephyr 2024-02-28 N/A 8.8 HIGH
 Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.
CVE-2023-20006 1 Cisco 6 Adaptive Security Appliance Software, Firepower 2110, Firepower 2120 and 3 more 2024-02-28 N/A 7.5 HIGH
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload.
CVE-2022-43663 1 Wellintech 1 Kinghistorian 2024-02-28 N/A 9.8 CRITICAL
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2023-0185 4 Citrix, Nvidia, Redhat and 1 more 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more 2024-02-28 N/A 7.1 HIGH
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure.
CVE-2022-34680 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2024-02-28 N/A 5.5 MEDIUM
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
CVE-2022-34677 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2024-02-28 N/A 7.1 HIGH
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
CVE-2022-34670 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2024-02-28 N/A 7.8 HIGH
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.