VYPR

CWE-681

Incorrect Conversion between Numeric Types

BaseDraftLikelihood: High

Description

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

Hierarchy (View 1000)

CVEs mapped to this weakness (44)

page 1 of 3
  • CVE-2016-3074CriApr 26, 2016
    risk 0.70cvss 9.8epss 0.37

    Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.

  • CVE-2009-0231HigJul 15, 2009
    risk 0.60cvss 8.8epss 0.37

    The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers…

  • CVE-2026-26178HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.

  • CVE-2026-4931HigApr 7, 2026
    risk 0.56cvss 8.6epss 0.00

    Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost.

  • CVE-2017-7308HigMar 29, 2017
    risk 0.55cvss 7.8epss 0.18

    The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the…

  • CVE-2008-3282HigAug 29, 2008
    risk 0.52cvss 7.8epss 0.11

    Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…

  • CVE-2026-24192HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges,…

  • CVE-2018-3999HigOct 1, 2018
    risk 0.51cvss 7.8epss 0.01

    An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and…

  • CVE-2007-4268HigNov 15, 2007
    risk 0.51cvss 7.8epss 0.01

    Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as…

  • CVE-2007-4988HigSep 24, 2007
    risk 0.51cvss 7.8epss 0.03

    Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.

  • CVE-2026-46384HigMay 29, 2026
    risk 0.50cvss epss 0.00

    iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On…

  • CVE-2022-34169HigJul 19, 2022
    risk 0.50cvss 7.5epss 0.18

    The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update…

  • CVE-2026-24174HigApr 7, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2018-1000224HigAug 20, 2018
    risk 0.49cvss 7.5epss 0.04

    Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. contains a Signed/unsigned comparison, wrong buffer size chackes, integer overflow, missing padding initialization vulnerability in (De)Serialization functions (core/io/marshalls.cpp) that can…

  • CVE-2017-0857HigNov 16, 2017
    risk 0.49cvss 7.5epss 0.00

    Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65122447.

  • CVE-2018-5251MedJan 5, 2018
    risk 0.42cvss 6.5epss 0.02

    In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.

  • CVE-2017-17446MedDec 6, 2017
    risk 0.42cvss 6.5epss 0.02

    The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2017-12140MedAug 2, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.

  • CVE-2025-58063HigSep 9, 2025
    risk 0.39cvss 7.1epss 0.00

    CoreDNS is a DNS server that chains plugins. Starting in version 1.2.0 and prior to version 1.12.4, the CoreDNS etcd plugin contains a TTL confusion vulnerability where lease IDs are incorrectly used as TTL values, enabling DNS cache pinning attacks. This effectively creates a…

  • CVE-2018-5711MedJan 16, 2018
    risk 0.37cvss 5.5epss 0.13

    gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the…