Page 81 of 4108 results (0.110 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmp_rw.c because a file's width, height, and BPP are not validated. • https://github.com/LMP88959/NTSC-CRT/issues/32 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. ... This validation does not use safe integer types, or perform additional validation, so it's possible for a large path to overflow the point count, resulting in an unsafe SkPath object. • http://packetstormsecurity.com/files/174949/Chrome-SKIA-Integer-Overflow.html https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1464215 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 1

Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS). • https://bugreports.qt.io/browse/QTBUG-91507 • CWE-190: Integer Overflow or Wraparound

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. • https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c94875471e3ba3dc396c6919ff3ec9b14539cd71 • CWE-190: Integer Overflow or Wraparound

CVSS: 9.8EPSS: 0%CPEs: 47EXPL: 0

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later. • https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56 • CWE-190: Integer Overflow or Wraparound