VYPR

CWE-190

Integer Overflow or Wraparound

Base · Stable · Likelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 66 of 78
  • CVE-2026-24807 · Med · Jan 27, 2026
    risk 0.27 · cvss · epss 0.00

    Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules). This vulnerability is associated with program files SeekableOutputStream.Java. This issue…

  • CVE-2025-15534 · Med · Jan 18, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available…

  • CVE-2021-26377 · Med · Sep 6, 2025
    risk 0.27 · cvss 4.1 · epss 0.00

    Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.

  • CVE-2026-34238 · Med · Apr 13, 2026
    risk 0.26 · cvss 5.1 · epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a heap buffer overflow on 32-bit builds that will result in an out of bounds write.…

  • CVE-2026-40447 · Med · Apr 13, 2026
    risk 0.26 · cvss 5.1 · epss 0.00

    Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavior. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

  • CVE-2026-34589 · Med · Apr 6, 2026
    risk 0.26 · cvss 5.0 · epss 0.00

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder constructs temporary per-component block pointers using signed…

  • CVE-2023-31365 · Low · Sep 6, 2025
    risk 0.25 · cvss 3.9 · epss 0.00

    An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.

  • CVE-2026-0988 · Low · Jan 21, 2026
    risk 0.24 · cvss 3.7 · epss 0.00

    A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being…

  • CVE-2025-4945 · Low · May 19, 2025
    risk 0.24 · cvss 3.7 · epss 0.01

    A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in…

  • CVE-2025-3360 · Low · Apr 7, 2025
    risk 0.24 · cvss 3.7 · epss 0.00

    A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

  • CVE-2016-8622 · Low · Jul 31, 2018
    risk 0.24 · cvss 3.7 · epss 0.05

    The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate an unescape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus…

  • CVE-2026-5476 · Med · Apr 3, 2026
    risk 0.23 · cvss 4.6 · epss 0.00

    A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The…

  • CVE-2025-2295 · Low · Mar 14, 2025
    risk 0.23 · cvss 3.5 · epss 0.00

    EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

  • CVE-2026-27781 · Low · May 19, 2026
    risk 0.21 · cvss 3.3 · epss 0.00

    in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

  • CVE-2026-4985 · Med · Mar 27, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgif_addframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated…

  • CVE-2026-2271 · Low · Mar 26, 2026
    risk 0.21 · cvss 3.3 · epss 0.00

    A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an integer overflow vulnerability in the read_creator_block() function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file…

  • CVE-2023-28903 · Low · Jun 28, 2025
    risk 0.21 · cvss 3.3 · epss 0.00

    An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system.

  • CVE-2016-9085 · Low · Feb 3, 2017
    risk 0.21 · cvss 3.3 · epss 0.00

    Multiple integer overflows in libwebp allow attackers to have unspecified impact via unknown vectors.

  • CVE-2026-33596 · Low · Apr 22, 2026
    risk 0.20 · cvss 3.1 · epss 0.00

    A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend.

  • CVE-2021-46750 · Low · Sep 6, 2025
    risk 0.20 · cvss 3.0 · epss 0.00

    Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader…