Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4965 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-53482 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-17 | 7.5 High |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2026-15108 | 1 Google | 1 Chrome | 2026-07-17 | 4.3 Medium |
| Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. (Chromium security severity: High) | ||||
| CVE-2026-51536 | 1 Eipstackgroup | 1 Opener | 2026-07-17 | 9.1 Critical |
| In OpENer 2.3.0 (commit 76b95cf) when parsing incoming CIP (Common Industrial Protocol) network packets, the length parameter is inconsistently typed across the call stack. Specifically, an upstream length calculated as an int is passed to a downstream function that expects an EipInt16 (a 16-bit signed integer). If a maliciously crafted packet with specific length fields is processed, the length parameter can overflow or be truncated into a negative value. This negative length bypasses subsequent bounds checking (due to signed/unsigned comparison issues) and is ultimately used in memory operations, leading to a Stack Buffer Overflow when reading data in DecodePaddedEPath. | ||||
| CVE-2026-7162 | 1 Winfsp | 1 Winfsp | 2026-07-17 | 7.8 High |
| Successful exploitation of the integer overflow vulnerability could allow an attacker to achieve system-level access to the affected software. | ||||
| CVE-2026-58317 | 2026-07-17 | N/A | ||
| Unsigned to Signed Conversion Error (CWE-196) vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of adjacent memory regions may be transmitted to the server, and Tera Term may behave unexpected or terminate abnormally. | ||||
| CVE-2026-10649 | 2 Clusterlabs, Redhat | 7 Pacemaker, Enterprise Linux, Enterprise Linux Eus and 4 more | 2026-07-17 | 8.6 High |
| A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial of service (DoS) in the CIB remote listener. This can result in the affected service crashing. | ||||
| CVE-2026-44251 | 1 Wazuh | 1 Wazuh | 2026-07-17 | 6.5 Medium |
| Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions 3.0.0 and above, prior to 4.14.5, a size_t integer underflow in os_crypto/shared/msgs.c:389 allows any enrolled Wazuh agent to crash the wazuh-remoted process on the manager, immediately disconnecting all agents from the manager. A second code path reached by the same underflow may allow heap memory corruption. This issue has been fixed in version 4.14.5. | ||||
| CVE-2026-59117 | 1 Microsoft | 1 Terminal | 2026-07-16 | 7.5 High |
| Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-51540 | 1 Eipstackgroup | 1 Opener | 2026-07-16 | 9.8 Critical |
| OpENer 2.3.0 (master branch up to commit 76b95cf) is vulnerable to a severe memory corruption issue caused by an integer underflow in the processing of connected explicit messages (SendUnitData). | ||||
| CVE-2026-50300 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-16 | 5.5 Medium |
| Integer underflow (wrap or wraparound) in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-55026 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-16 | 6.2 Medium |
| Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-58380 | 2 Gnome, Redhat | 2 Gimp, Enterprise Linux | 2026-07-16 | 7.3 High |
| A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscanner_gettoken() function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution. | ||||
| CVE-2026-50497 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 6.5 Medium |
| Off-by-one error in Windows Remote Desktop Protocol allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-58384 | 2 Gnu, Redhat | 2 Gimp, Enterprise Linux | 2026-07-16 | 7.3 High |
| A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution. | ||||
| CVE-2026-40954 | 2026-07-16 | N/A | ||
| CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client | ||||
| CVE-2026-40955 | 2026-07-16 | N/A | ||
| CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client. | ||||
| CVE-2026-0128 | 1 Google | 1 Android | 2026-07-16 | 3.5 Low |
| In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2026-14544 | 1 Redhat | 1 Enterprise Linux | 2026-07-16 | 9.8 Critical |
| A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data. | ||||
| CVE-2026-39042 | 1 Mikrotik | 1 Routeros | 2026-07-16 | 7.5 High |
| An issue in MikroTIk (SIA Mikrotikls, Latvia) RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten() function in libumsg.so. | ||||
| CVE-2026-59197 | 1 Python-pillow | 1 Pillow | 2026-07-16 | 8.2 High |
| Pillow is a Python imaging library. Prior to 12.3.0, Pillow's public rank-filter API can trigger a native heap out-of-bounds write when given a very large odd filter size because ImageFilter.RankFilter.filter() calls image.expand(size // 2, size // 2) before rank-filter size validation and ImagingExpand() computes output dimensions with unchecked signed int arithmetic. This issue is fixed in version 12.3.0. | ||||