VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 2 of 78
  • CVE-2017-7657CriJun 26, 2018
    risk 0.65cvss 9.8epss 0.16

    In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size…

  • CVE-2012-6706CriJun 22, 2017
    risk 0.65cvss 9.8epss 0.10

    A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a…

  • CVE-2017-5340CriJan 11, 2017
    risk 0.65cvss 9.8epss 0.17

    Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary…

  • CVE-2016-8705CriJan 6, 2017
    risk 0.65cvss 9.8epss 0.20

    Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.

  • CVE-2016-5841CriDec 13, 2016
    risk 0.65cvss 9.8epss 0.13

    Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.

  • CVE-2016-7167CriOct 7, 2016
    risk 0.65cvss 9.8epss 0.12

    Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.

  • CVE-2005-1513CriMay 11, 2005
    risk 0.65cvss 9.8epss 0.11

    Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

  • CVE-2002-0639CriJul 3, 2002
    risk 0.65cvss 9.8epss 0.18

    Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.

  • CVE-2026-47291CriJun 9, 2026
    risk 0.64cvss 9.8epss 0.22

    Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.

  • CVE-2026-48691CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the IPv4UnicastAnnounce::get_attributes() function computes attribute_length as 'sizeof(bgp_as_path_segment_element_t) +…

  • CVE-2026-8631CriMay 20, 2026
    risk 0.64cvss 9.8epss 0.01

    A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print…

  • CVE-2026-8956CriMay 19, 2026
    risk 0.64cvss 9.8epss 0.01

    Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

  • CVE-2026-20889CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2026-2781CriFeb 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35.

  • CVE-2026-2774CriFeb 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

  • CVE-2026-2762CriFeb 24, 2026
    risk 0.64cvss 9.8epss 0.01

    Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

  • CVE-2026-24830CriJan 27, 2026
    risk 0.64cvss 9.8epss 0.00

    Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2.

  • CVE-2025-54957CriOct 20, 2025
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evo_priv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length…

  • CVE-2025-49710CriJun 11, 2025
    risk 0.64cvss 9.8epss 0.01

    An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4.

  • CVE-2025-40906CriMay 16, 2025
    risk 0.64cvss 9.8epss 0.01

    BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities. Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755. BSON-XS was the official Perl XS implementation of…