VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 15 of 78
  • CVE-2026-42974HigJun 9, 2026
    risk 0.53cvss 8.1epss 0.01

    Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

  • CVE-2026-37537HigMay 1, 2026
    risk 0.53cvss 8.1epss 0.00

    collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8_t index = data[0] - 1. When data[0] (sequence number from CAN…

  • CVE-2026-24660HigApr 7, 2026
    risk 0.53cvss 8.1epss 0.01

    A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2026-24450HigApr 7, 2026
    risk 0.53cvss 8.1epss 0.00

    An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2026-20884HigApr 7, 2026
    risk 0.53cvss 8.1epss 0.00

    An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2026-32759HigMar 20, 2026
    risk 0.53cvss 8.1epss 0.02

    File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer…

  • CVE-2025-55068HigSep 18, 2025
    risk 0.53cvss 8.2epss 0.00

    Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point. An attacker can manually change the system time to exploit this limitation, potentially causing errors in authentication and leading to a denial-of-service condition.

  • CVE-2025-23016CriJan 10, 2025
    risk 0.53cvss 9.3epss 0.01

    FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.

  • CVE-2017-17426HigDec 5, 2017
    risk 0.53cvss 8.1epss 0.02

    The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread…

  • CVE-2015-8983HigMar 20, 2017
    risk 0.53cvss 8.1epss 0.04

    Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a…

  • CVE-2015-8982HigMar 15, 2017
    risk 0.53cvss 8.1epss 0.04

    Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

  • CVE-2015-7599HigFeb 7, 2017
    risk 0.53cvss 8.1epss 0.06

    Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and…

  • CVE-2016-7133HigSep 12, 2016
    risk 0.53cvss 8.1epss 0.04

    Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname.

  • CVE-2012-1185HigJun 5, 2012
    risk 0.53cvss 7.8epss 0.31

    Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF…

  • CVE-2010-1883HigOct 13, 2010
    risk 0.53cvss 7.8epss 0.23

    Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an…

  • CVE-2026-0095HigJun 1, 2026
    risk 0.52cvss 8.0epss 0.00

    In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction…

  • CVE-2026-39834CriMay 22, 2026
    risk 0.52cvss 9.1epss 0.00

    When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent…

  • CVE-2026-24214HigMay 20, 2026
    risk 0.52cvss 8.0epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, or denial of service.

  • CVE-2025-52538HigNov 24, 2025
    risk 0.52cvss 8.0epss 0.00

    Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in loss of confidentiality or availability.

  • CVE-2023-28909HigJun 28, 2025
    risk 0.52cvss 8.0epss 0.01

    A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. An attacker can leverage this vulnerability…