Lucene search

1077 matches found

CNNVD
added 2025/04/07 12:0 a.m. · 1 views

ts-asn1-der security vulnerability

ts-asn1-der is a set of open source utility classes from Apeleg for encoding ASN.1 data according to DER rules. A security vulnerability exists in versions of ts-asn1-der prior to 1.0.4, which stems from a numeric DER encoding error that could lead to an infinite loop...

CVSS 6.9 · AI score 6.3 · EPSS 0.00281
Exploits: 0 · References: 2
CNNVD
added 2025/04/02 12:0 a.m. · 1 views

STMicroelectronics X-CUBE-AZRTOS-WL numeric error vulnerability

STMicroelectronics X-CUBE-AZRTOS-WL is an Azure RTOS-based development kit for STM32 microcontrollers from STMicroelectronics, Switzerland. A numeric error vulnerability exists in STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0, which stems from an integer overflow in the PUT request function o...

CVSS 7.5 · AI score 8.3 · EPSS 0.00394
Exploits: 1 · References: 2
CNNVD
added 2025/04/01 12:0 a.m. · 2 views

CryptoLib numeric error vulnerability

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A numeric error vulnerability exists in CryptoLib 1.3.3 and prior versions that stems from incomplete validation of the fl field in the...

CVSS 9.8 · AI score 6.8 · EPSS 0.00671
Exploits: 1 · References: 2
BDU FSTEC
added 2025/03/31 12:0 a.m. · 1 views

The vulnerability of the numeric_to_dv component in the virtuoso-opensource web application development platform allows a hacker to trigger a service failure.

The vulnerability of the numeric_to_dv component in the virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially craft...

CVSS 7.8 · AI score 7.3 · EPSS 0.00378
Exploits: 1 · References: 4 · Affected Software: 2
CNNVD
added 2025/03/21 12:0 a.m. · 2 views

xmedcon numeric error vulnerability

xmedcon is an open source toolkit for medical image conversion from the xmedcon open source project. A numeric error vulnerability exists in xmedcon version 0.25.0, which stems from an integer underflow in the malloc function of the DICOM File Handler component...

CVSS 7.5 · AI score 4.7 · EPSS 0.00116
Exploits: 0 · References: 4
CNNVD
added 2025/03/20 12:0 a.m. · 3 views

Ollama numeric error vulnerability

Ollama is an open source large language model from Ollama that can be started and run locally. A numeric error vulnerability exists in Ollama version v0.3.3, which stems from a blockcount type specialization when importing a GGUF model that could result in a divide-by-zero error, triggering a...

CVSS 7.5 · AI score 7.5 · EPSS 0.00066
Exploits: 1 · References: 1
BDU FSTEC
added 2025/03/18 12:0 a.m. · 2 views

The vulnerability of the tpm_read_log_efi() function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the tpm_read_log_efi() function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system is related to a numerical overflow or cyclic shift. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.6 · EPSS 0.00016
Exploits: 0 · References: 18 · Affected Software: 2
NVD
added 2025/03/11 5:16 p.m. · 8 views

CVE-2025-24059

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVSS 7.8 · EPSS 0.00227
Exploits: 0 · References: 1
OSV
added 2025/03/11 5:16 p.m. · 0 views

CVE-2025-24059

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVSS 7.8 · AI score 5.8 · EPSS 0.00227
Exploits: 0 · References: 1
CVE
added 2025/03/11 4:59 p.m. · 98 views

CVE-2025-24059

CVE-2025-24059 affects Windows Common Log File System Driver. Root cause: incorrect numeric type conversion leading to local privilege escalation. Impact per sources: high (privilege escalation, high confidentiality/integrity/availability impact) with local exploitation and no user interaction re...

CVSS 7.8 · AI score 7.6 · EPSS 0.00227
Exploits: 0 · References: 1 · Affected Software: 15
Positive Technologies
added 2025/03/11 12:0 a.m. · 2 views

PT-2025-10810 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver (affected versions not specified)

Description: The issue is related to an incorrect conversion between numeric types in the Windows Common Log File System Driver, which allows an authorized attacker to...

CVSS 7.8 · AI score 8.2 · EPSS 0.00227
Exploits: 0 · References: 9
Tenable Nessus
added 2025/03/04 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2019-19232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not...

CVSS 7.5 · AI score 6.3 · EPSS 0.02868
Exploits: 0 · References: 2
OSV
added 2025/02/26 4:15 p.m. · 4 views

AZL-57376 CVE-2024-53427 affecting package jq for versions less than 1.7.1-2

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...

CVSS 8.1 · AI score 6.2 · EPSS 0.00267
Exploits: 1 · References: 1
AlpineLinux
added 2025/02/26 12:0 a.m. · 13 views

CVE-2024-53427

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...

CVSS 8.1 · AI score 7.8 · EPSS 0.00267
Exploits: 1 · References: 5
CNNVD
added 2025/02/25 12:0 a.m. · 4 views

Zoom Workplace numeric error vulnerability

Zoom Workplace is a desktop application from Zoom USA. Zoom Workplace suffers from a numeric error vulnerability that originates from a use-after-free and could lead to a denial of service attack by an authenticated user via web access...

CVSS 6.5 · AI score 6.4 · EPSS 0.00067
Exploits: 0 · References: 2
RedhatCVE
added 2025/02/05 2:59 a.m. · 3 views

CVE-2024-6125

The Login with phone number plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 1.7.34. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit. This makes it possible for...

CVSS 8.1 · AI score 7.3 · EPSS 0.01143
Exploits: 0 · References: 1
BDU FSTEC
added 2025/02/03 12:0 a.m. · 1 views

The vulnerability of the qsvghandler.cpp component of the cross-platform development framework for Qt software allows a hacker to trigger a service failure.

The vulnerability of the qsvghandler.cpp component of the cross-platform development framework for Qt software is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to cause a service failure...

CVSS 5.5 · AI score 6.3 · EPSS 0.00032
Exploits: 1 · References: 5 · Affected Software: 3
BDU FSTEC
added 2025/01/21 12:0 a.m. · 1 views

The vulnerability of the svcrdma component in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the svcrdma component in the Linux operating system’s kernel is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 5.5 · AI score 7 · EPSS 0.00013
Exploits: 0 · References: 24 · Affected Software: 6
GithubExploit
added 2025/01/17 3:32 p.m. · 231 views

Exploit for Incorrect Conversion between Numeric Types in Apache Xalan-Java

CVE-2022-34169 PoC A malleable PoC and solution for the SU...

CVSS 7.5 · AI score 7.4 · EPSS 0.10953
Exploits: 2
NVD
added 2025/01/14 1:15 a.m. · 6 views

CVE-2024-57652

An issue in the numeric_to_dv component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 · EPSS 0.00378
Exploits: 1 · References: 1