Search Results (4908 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-36328 2026-04-15 7.3 High
Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability.
CVE-2024-36316 1 Amd 19 Radeon Pro V520, Radeon Pro V620, Radeon Pro V710 and 16 more 2026-04-15 5.5 Medium
The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service
CVE-2024-57261 1 Pengutronix 1 Barebox 2026-04-15 7.1 High
In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related issue to CVE-2024-57258.
CVE-2024-52558 1 Planet Technology Corp 1 Wgs-804hpt Firmware 2026-04-15 5.3 Medium
The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program.
CVE-2025-48172 1 Chmlib 1 Chmlib 2026-04-15 5.6 Medium
CHMLib through 2bef8d0, as used in SumatraPDF and other products, has a chm_lib.c _chm_decompress_block integer overflow. There is a resultant heap-based buffer overflow in _chm_fetch_bytes.
CVE-2024-22396 1 Sonicwall 1 Sonicos 2026-04-15 5.3 Medium
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.
CVE-2025-2574 1 Xpdf 1 Xpdf 2026-04-15 N/A
Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.
CVE-2025-65092 1 Espressif 2 Esp-idf, Esp32 2026-04-15 N/A
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted (malicious) JPEG image could exploit the parsing routine and trigger an out-of-bounds array access. This issue has been fixed in versions 5.5.2, 5.4.4, and 5.3.5. At time of publication versions 5.5.2, 5.4.4, and 5.3.5 have not been released but are fixed respectively in commits 4b8f585, c79cb4d, and 34e2726.
CVE-2025-3947 2026-04-15 8.2 High
The Honeywell Experion PKS contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in improper integer data value checking during subtraction leading to a denial of service. Honeywell recommends updating to the most recent version of Honeywell Experion PKS:520.2 TCU9 HF1 and 530.1 TCU3 HF1. The affected Experion PKS products are C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are from 520.1 through 520.2 TCU9 and from 530 through 530 TCU3.
CVE-2023-45854 1 Shopkit Project 1 Shopkit 2026-04-15 7.5 High
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function.
CVE-2024-51737 2026-04-15 7 High
RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted LIMIT command argument, or FT.SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to heap overflow and potential remote code execution. This vulnerability is fixed in 2.6.24, 2.8.21, and 2.10.10. Avoid setting value of -1 or large values for configuration parameters MAXSEARCHRESULTS and MAXAGGREGATERESULTS, to avoid exploiting large LIMIT arguments.
CVE-2025-48964 1 Iputils 1 Iputils 2026-04-15 6.5 Medium
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
CVE-2024-39684 1 Tencent 1 Rapidjson 2026-04-15 6.8 Medium
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege.
CVE-2024-36337 2026-04-15 7.9 High
Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability.
CVE-2024-21783 2026-04-15 4.8 Medium
Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-36336 2026-04-15 7.9 High
Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability.
CVE-2024-21844 2026-04-15 4.3 Medium
Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2025-30405 1 Meta 1 Executorch 2026-04-15 9.8 Critical
An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73.
CVE-2025-1235 2026-04-15 4.3 Medium
A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970.
CVE-2024-57262 1 Pengutronix 1 Barebox 2026-04-15 7.1 High
In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256.