VYPR

CWE-191

Integer Underflow (Wrap or Wraparound)

Base · Draft

Description

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

This can happen in signed and unsigned cases.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (155)

  • CVE-2026-34064 · Med · Apr 22, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `VestingContract::can_change_balance` returns `AccountError::InsufficientFunds` when `new_balance < min_cap`, but it constructs the error using `balance: self.balance -…

  • CVE-2026-33899 · Med · Apr 13, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions…

  • CVE-2026-1005 · Med · Mar 19, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit…

  • CVE-2026-11850 · Med · Jun 11, 2026
    risk 0.26 · cvss 5.0 · epss 0.00

    An integer underflow vulnerability was found in MIT krb5 in the berval2tl_data() function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. The function performs an unsigned subtraction (bv_len - 2) without a prior bounds check. When bv_len is 0 or 1, the subtraction wraps to a…

  • CVE-2026-34165 · Med · Mar 31, 2026
    risk 0.26 · cvss 5.0 · epss 0.00

    go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and…

  • CVE-2026-23748 · Low · Feb 26, 2026
    risk 0.24 · cvss 3.7 · epss 0.00

    Golioth Firmware SDK versions 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When processing a string payload, a payload_size value less than 2 can cause a size_t underflow when computing the number of bytes to…

  • CVE-2026-26204 · Med · Apr 29, 2026
    risk 0.22 · cvss 4.4 · epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer…

  • CVE-2023-28902 · Low · Jun 28, 2025
    risk 0.21 · cvss 3.3 · epss 0.00

    An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment…

  • CVE-2026-40386 · Med · Apr 12, 2026
    risk 0.19 · cvss 4.0 · epss 0.00

    In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

  • CVE-2026-39314 · Med · Apr 7, 2026
    risk 0.19 · cvss 4.0 · epss 0.00

    OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in _ppdCreateFromIPP() (cups/ppd-cache.c) allows any unprivileged local user to crash the cupsd root process by…

  • CVE-2026-44069 · Low · May 21, 2026
    risk 0.18 · cvss 3.9 · epss 0.00

    An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input.

  • CVE-2025-14055 · Low · Feb 20, 2026
    risk 0.16 · cvss · epss 0.00

    An integer underflow vulnerability in Silicon Labs Secure NCP host implementation allows a buffer overread via a specially crafted packet.

  • CVE-2025-14547 · Low · Feb 20, 2026
    risk 0.15 · cvss · epss 0.00

    An integer underflow vulnerability is present in Silicon Labs' implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.

  • CVE-2025-49112 · Low · Jun 2, 2025
    risk 0.13 · cvss 3.1 · epss 0.00

    setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.

  • CVE-2004-0184 · May 4, 2004
    risk 0.08 · cvss · epss 0.60

    Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an…

  • CVE-2014-8768 · Nov 20, 2014
    risk 0.05 · cvss · epss 0.20

    Multiple integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

  • CVE-2007-0063 · Sep 21, 2007
    risk 0.02 · cvss · epss 0.20

    Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before…

  • CVE-2015-5212 · Nov 10, 2015
    risk 0.01 · cvss · epss 0.09

    Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly…

  • CVE-2009-3301 · Feb 16, 2010
    risk 0.01 · cvss · epss 0.12

    Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.

  • CVE-2025-62594 · Oct 27, 2025
    risk 0.00 · cvss · epss 0.00

    ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero,…