Search Results (3812 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-7709 1 Sqlite 1 Sqlite 2026-04-15 N/A
An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.
CVE-2025-48515 1 Amd 5 Ryzen 5000 Series Desktop Processors, Ryzen 5000 Series Desktop Processors With Radeon Graphics, Ryzen 5000 Series Mobile Processors With Radeon Graphics and 2 more 2026-04-15 N/A
Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.
CVE-2025-36853 1 Microsoft 1 .net 2026-04-15 7.5 High
A vulnerability (CVE-2025-21172) exists in msdia140.dll due to integer overflow and heap-based overflow. Per CWE-122: Heap-based Buffer Overflow, a heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().‍ Per CWE-190: Integer Overflow or Wraparound, is when a product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry.
CVE-2025-23016 1 Fastcgi 1 Fcgi 2026-04-15 9.3 Critical
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
CVE-2025-2295 1 Tianocore 1 Edk2 2026-04-15 3.5 Low
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.
CVE-2024-55656 2026-04-15 8.8 High
RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the password) to allocate memory in the heap lesser than the required memory due to wraparound. Then read and write can be performed beyond this allocated memory, leading to info leak and OOB write. The integer overflow is in CMS.INITBYDIM command, which initialize a Count-Min Sketch to dimensions specified by user. It accepts two values (width and depth) and uses them to allocate memory in NewCMSketch(). This vulnerability is fixed in 2.2.19, 2.4.12, 2.6.14, and 2.8.2.
CVE-2024-51737 2026-04-15 7 High
RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted LIMIT command argument, or FT.SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to heap overflow and potential remote code execution. This vulnerability is fixed in 2.6.24, 2.8.21, and 2.10.10. Avoid setting value of -1 or large values for configuration parameters MAXSEARCHRESULTS and MAXAGGREGATERESULTS, to avoid exploiting large LIMIT arguments.
CVE-2024-40765 2026-04-15 9.8 Critical
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.
CVE-2024-36671 1 Nodemcu 1 Nodemcu 2026-04-15 9.8 Critical
nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c.
CVE-2024-32655 1 Npgsql 1 Npgsql 2026-04-15 8.1 High
Npgsql is the .NET data provider for PostgreSQL. The `WriteBind()` method in `src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs` uses `int` variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This causes Npgsql to write a message size that is too small when constructing a Postgres protocol message to send it over the network to the database. When parsing the message, the database will only read a small number of bytes and treat any following bytes as new messages while they belong to the old message. Attackers can abuse this to inject arbitrary Postgres protocol messages into the connection, leading to the execution of arbitrary SQL statements on the application's behalf. This vulnerability is fixed in 4.0.14, 4.1.13, 5.0.18, 6.0.11, 7.0.7, and 8.0.3.
CVE-2024-21783 2026-04-15 4.8 Medium
Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-1917 2026-04-15 9.8 Critical
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.
CVE-2024-1916 2026-04-15 9.8 Critical
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.
CVE-2024-0803 2026-04-15 9.8 Critical
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.
CVE-2021-46750 1 Amd 11 Athlon, Athlon 3000, Radeon Pro V620 and 8 more 2026-04-15 3 Low
Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.
CVE-2024-36316 1 Amd 19 Radeon Pro V520, Radeon Pro V620, Radeon Pro V710 and 16 more 2026-04-15 5.5 Medium
The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service
CVE-2024-37305 1 Open Quantum Safe 1 Oqs Provider 2026-04-15 8.2 High
oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue.
CVE-2025-46333 2026-04-15 N/A
z2d is a pure Zig 2D graphics library. Versions of z2d after `0.5.1` and up to and including `0.6.0`, when writing from one surface to another using `z2d.compositor.StrideCompositor.run`, and higher-level operations when the anti-aliasing mode is set to `.default` (such as `Context.fill`, `Context.stroke`, `painter.fill`, and `painter.stroke`), the source surface can be completely out-of-bounds on the x-axis, but not on the y-axis, by way of a negative offset. This results in an overflow of the value controlling the length of the stride. In non-safe optimization modes (consumers compiling with `ReleaseFast` or `ReleaseSmall`), this could potentially lead to invalid memory accesses or corruption. This issue is patched in version `0.6.1`. Users on an untagged version after `v0.5.1` and before `v0.6.1` are advised to update to address the vulnerability. Those still on Zig `0.13.0` are recommended to downgrade to `v0.5.1`.
CVE-2024-37310 1 Everest 1 Everest-core 2026-04-15 9.1 Critical
EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0.
CVE-2023-28908 2026-04-15 5.4 Medium
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.