VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 16 of 78
  • CVE-2024-37310CriJul 10, 2024
    risk 0.52cvss 9.0epss 0.01

    EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0.

  • CVE-2018-14938CriAug 5, 2018
    risk 0.52cvss 9.1epss 0.03

    An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result…

  • CVE-2015-2310CriAug 9, 2017
    risk 0.52cvss 9.1epss 0.02

    Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation.

  • CVE-2016-2105HigMay 5, 2016
    risk 0.52cvss 7.5epss 0.40

    Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

  • CVE-2025-14098HigJun 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on…

  • CVE-2026-45593HigJun 9, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.

  • CVE-2026-45592HigJun 9, 2026
    risk 0.51cvss 7.8epss 0.00

    Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally.

  • CVE-2026-44812HigJun 9, 2026
    risk 0.51cvss 7.8epss 0.00

    Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

  • CVE-2026-44803HigJun 9, 2026
    risk 0.51cvss 7.8epss 0.00

    Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

  • CVE-2026-42916HigJun 9, 2026
    risk 0.51cvss 7.8epss 0.00

    Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2026-10118HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the `tilingPatternFill` function. This overflow leads to an undersized heap memory allocation,…

  • CVE-2026-43905HigMay 14, 2026
    risk 0.51cvss 7.8epss 0.00

    OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w * h * ch * buffer_bpp using signed 32-bit…

  • CVE-2026-42896HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

  • CVE-2026-35415HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

  • CVE-2026-34644HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    After Effects versions 26.0, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2026-34640HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2026-34333HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

  • CVE-2026-34330HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

  • CVE-2026-4154HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2026-4151HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…