CWE-682
Incorrect Calculation
Description
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-128 · CAPEC-129
CVEs mapped to this weakness (64)
page 1 of 4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8319 | Cri | 0.64 | 9.8 | 0.07 | Jul 11, 2018 | A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography… | ||
| CVE-2017-13151 | Hig | 0.57 | 8.8 | 0.01 | Dec 6, 2017 | A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456. | ||
| CVE-2017-12135 | Hig | 0.57 | 8.8 | 0.00 | Aug 24, 2017 | Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. | ||
| CVE-2017-12134 | Hig | 0.57 | 8.8 | 0.01 | Aug 24, 2017 | The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block… | ||
| CVE-2017-8905 | Hig | 0.57 | 8.8 | 0.00 | May 11, 2017 | Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215. | ||
| CVE-2017-8326 | Hig | 0.57 | 8.8 | 0.02 | Apr 29, 2017 | libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image,… | ||
| CVE-2018-11262 | — | Hig | 0.51 | 7.8 | 0.00 | Sep 4, 2018 | In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which… | |
| CVE-2017-13288 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2018 | In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. This could lead to a local escalation of privilege where the user can start an activity with system privileges, with no additional execution… | ||
| CVE-2017-9725 | Hig | 0.51 | 7.8 | 0.01 | Sep 21, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail. | ||
| CVE-2017-0679 | Hig | 0.51 | 7.8 | 0.01 | Jul 6, 2017 | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978. | ||
| CVE-2017-0666 | Hig | 0.51 | 7.8 | 0.00 | Jul 6, 2017 | A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689. | ||
| CVE-2017-0342 | Hig | 0.51 | 7.8 | 0.00 | May 9, 2017 | All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where incorrect calculation may cause an invalid address access leading to denial of service or potential escalation of privileges. | ||
| CVE-2017-0545 | Hig | 0.51 | 7.8 | 0.01 | Apr 7, 2017 | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are… | ||
| CVE-2018-15391 | Hig | 0.49 | 7.5 | 0.01 | Oct 5, 2018 | A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition. The vulnerability is due to the… | ||
| CVE-2018-14439 | Hig | 0.49 | 7.5 | 0.01 | Jul 20, 2018 | espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point numbers with more than four digits after the decimal point, which might allow attackers to trigger currency transfers of unintended amounts. | ||
| CVE-2017-0819 | Hig | 0.49 | 7.5 | 0.01 | Oct 4, 2017 | A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63045918. | ||
| CVE-2026-44498 | Hig | 0.42 | 7.5 | 0.00 | May 8, 2026 | ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit (MAX_BLOCK_SIGOPS), allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who… | ||
| CVE-2026-33487 | Hig | 0.42 | 7.5 | 0.00 | Mar 26, 2026 | goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSignature` function in `validate.go` goes through the references in the `SignedInfo` block to find one that matches the signed element's ID. In Go versions before 1.22, or when… | ||
| CVE-2025-4435 | Hig | 0.42 | 7.5 | 0.00 | Jun 3, 2025 | When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and… | ||
| CVE-2022-29978 | Med | 0.42 | 6.5 | 0.01 | May 11, 2022 | There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. |
- risk 0.64cvss 9.8epss 0.07
A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography…
- risk 0.57cvss 8.8epss 0.01
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.
- risk 0.57cvss 8.8epss 0.00
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
- risk 0.57cvss 8.8epss 0.01
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block…
- risk 0.57cvss 8.8epss 0.00
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.
- risk 0.57cvss 8.8epss 0.02
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image,…
- risk 0.51cvss 7.8epss 0.00
In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which…
- risk 0.51cvss 7.8epss 0.00
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. This could lead to a local escalation of privilege where the user can start an activity with system privileges, with no additional execution…
- risk 0.51cvss 7.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978.
- risk 0.51cvss 7.8epss 0.00
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.
- risk 0.51cvss 7.8epss 0.00
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where incorrect calculation may cause an invalid address access leading to denial of service or potential escalation of privileges.
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are…
- risk 0.49cvss 7.5epss 0.01
A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition. The vulnerability is due to the…
- risk 0.49cvss 7.5epss 0.01
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point numbers with more than four digits after the decimal point, which might allow attackers to trigger currency transfers of unintended amounts.
- risk 0.49cvss 7.5epss 0.01
A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63045918.
- risk 0.42cvss 7.5epss 0.00
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit (MAX_BLOCK_SIGOPS), allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who…
- risk 0.42cvss 7.5epss 0.00
goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSignature` function in `validate.go` goes through the references in the `SignedInfo` block to find one that matches the signed element's ID. In Go versions before 1.22, or when…
- risk 0.42cvss 7.5epss 0.00
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and…
- risk 0.42cvss 6.5epss 0.01
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.