| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows Active Directory allows an authorized attacker to elevate privileges locally. |
| Integer overflow or wraparound in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally. |
| Integer overflow or wraparound in Microsoft Defender allows an unauthorized attacker to execute code locally. |
| Bridge is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Integer overflow or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| CAI Content Credentials is affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. |
| GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the html_quote_string() function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity encoding. A server-supplied HTML attribute causes a signed integer counter to overflow during output size accumulation, resulting in an undersized heap allocation and subsequent heap buffer overflow during the copy phase. |
| GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parse_content_range() function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigger undefined behavior and download desynchronization in the affected client. |
| Integer overflow or wraparound in Windows Remote Access Service Infrastructure allows an authorized attacker to elevate privileges over a network. |
| Integer overflow or wraparound in Windows NTFS allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Data dll allows an unauthorized attacker to execute code locally. |
| Use after free in Windows TCP/IP allows an authorized attacker to elevate privileges locally. |
| Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to elevate privileges with a physical attack. |
| Heap-based buffer overflow in Windows Network File System allows an authorized attacker to elevate privileges over a network. |
| Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally. |
| Integer overflow or wraparound in Windows Web Proxy Auto-Discovery Protocol (WPAD) allows an authorized attacker to elevate privileges locally. |
| Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record.
retrieve_hook_common reads a signed 32-bit item count from an SX_HOOK record and calls av_extend with that count plus one. A count of I32_MAX wraps the addition to a negative value.
A crafted blob passed to thaw or retrieve triggers the overflow; av_extend receives the negative count and dies with a panic, terminating the deserialization. |