VYPR

CWE-190

Integer Overflow or Wraparound

BaseStableLikelihood: Medium

Description

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (1,551)

page 8 of 78
  • CVE-2016-7944CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.03

    Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.

  • CVE-2016-9427CriDec 12, 2016
    risk 0.64cvss 9.8epss 0.04

    Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

  • CVE-2016-9538CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.03

    tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.

  • CVE-2016-7990CriOct 31, 2016
    risk 0.64cvss 9.8epss 0.02

    On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of…

  • CVE-2016-6999CriOct 13, 2016
    risk 0.64cvss 9.8epss 0.06

    Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

  • CVE-2016-7568CriSep 28, 2016
    risk 0.64cvss 9.8epss 0.05

    Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via…

  • CVE-2016-5344CriAug 30, 2016
    risk 0.64cvss 9.8epss 0.02

    Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size…

  • CVE-2016-5770CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.07

    Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue…

  • CVE-2016-5769CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.08

    Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a…

  • CVE-2016-4346CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.

  • CVE-2016-4345CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.05

    Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.

  • CVE-2016-4344CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.05

    Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow.

  • CVE-2015-8394CriDec 2, 2015
    risk 0.64cvss 9.8epss 0.05

    PCRE before 8.38 mishandles the (?() and (?(R) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object…

  • CVE-2013-1591CriJan 31, 2013
    risk 0.64cvss 9.8epss 0.04

    Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in…

  • CVE-2010-4203CriNov 6, 2010
    risk 0.64cvss 9.8epss 0.05

    WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.

  • CVE-2010-4202CriNov 6, 2010
    risk 0.64cvss 9.8epss 0.01

    Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font.

  • CVE-2010-3729CriOct 5, 2010
    risk 0.64cvss 9.8epss 0.02

    The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2005-1141CriApr 15, 2005
    risk 0.64cvss 9.8epss 0.03

    Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow.

  • CVE-2005-0102CriJan 24, 2005
    risk 0.64cvss 9.8epss 0.03

    Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

  • CVE-2026-11088CriJun 4, 2026
    risk 0.62cvss 9.6epss 0.00

    Integer overflow in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)