Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-25970

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-24 Feb, 2026 | 01:35
Updated At-26 Feb, 2026 | 21:33
Rejected At-
Credits

ImageMagick SIXEL Decoder Has Signed Integer Overflow, Leading to Memory Corruption

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed 32-bit integers overflows. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:24 Feb, 2026 | 01:35
Updated At:26 Feb, 2026 | 21:33
Rejected At:
▼CVE Numbering Authority (CNA)
ImageMagick SIXEL Decoder Has Signed Integer Overflow, Leading to Memory Corruption

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed 32-bit integers overflows. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Affected Products
Vendor
ImageMagick Studio LLCImageMagick
Product
ImageMagick
Versions
Affected
  • >= 7.0.0, < 7.1.2-15
  • < 6.9.13-40
Problem Types
TypeCWE IDDescription
CWECWE-190CWE-190: Integer Overflow or Wraparound
Type: CWE
CWE ID: CWE-190
Description: CWE-190: Integer Overflow or Wraparound
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xr
x_refsource_CONFIRM
Hyperlink: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xr
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:24 Feb, 2026 | 02:16
Updated At:25 Feb, 2026 | 11:57

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed 32-bit integers overflows. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
ImageMagick Studio LLC
imagemagick
>>imagemagick>>Versions before 6.9.13-40(exclusive)
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>Versions from 7.0.0-0(inclusive) to 7.1.2-15(exclusive)
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarysecurity-advisories@github.com
CWE ID: CWE-190
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xrsecurity-advisories@github.com
Third Party Advisory
Hyperlink: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xr
Source: security-advisories@github.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

244Records found
CVE-2023-24537
Matching Score-4
Assigner-Go Project
ShareView Details
Matching Score-4
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.01% / 2.15%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 15:50
Updated-13 Feb, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Infinite loop in parsing in go/scanner

Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.

Action-Not Available
Vendor-Go standard libraryGo
Product-gogo/scanner
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-22895
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.49%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.

Action-Not Available
Vendor-bzip2_projectn/a
Product-bzip2n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-33024
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.64%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-20 Nov, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in WLAN Host

Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca8337qfw7124sg8275p_firmwareipq8173_firmwareqam8775pqcf8001qamsrv1msnapdragon_870_5g_mobile_platform_firmwareqcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwareqxm8083ipq8078aipq5028_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformqcm5430_firmwareqca6554a_firmwareqam8295pqcn6024_firmwareipq8076aqca8386_firmwareimmersive_home_316_platform_firmwareqca8084_firmwareqca6688aqqcn6412qca6574au_firmwareqcn5164_firmwareqcn6422_firmwarewcd9375_firmwareqca8081_firmwareipq8078a_firmwareqca6678aq_firmwareipq5028wsa8840_firmwareqca6698aqqca0000qcf8001_firmwareipq6010sa7775p_firmwaresdx65mwcd9340qcn6132sw5100qca6436sa6155pqcf8000qca6698aq_firmwaresxr2250pipq5312snapdragon_auto_5g_modem-rf_gen_2_firmwareqca9888_firmwareqcn6122wcd9341qam8775p_firmwaresa8255pqca6696_firmwareipq9008_firmwareqcn5154_firmwareqca6797aqqcc710_firmwarerobotics_rb5_platformwsa8830_firmwaresd865_5g_firmwarewcn3988sa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwaresa8770pqca8337_firmwarewcd9380_firmwaressg2125pipq8072asw5100pipq8076a_firmwareipq8078qca8084qcm8550ipq8173qca6564auipq9008qcn5164qca6574qcn6402_firmwarecsr8811_firmwarewcd9380snapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700ipq9554_firmwareqcn5024sxr1230pvideo_collaboration_vc3_platform_firmwaresg8275pwcd9335_firmwareqcn5052_firmwareqcn9274_firmwareqfw7114_firmwarewcn3980wsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815qcn6112snapdragon_865\+_5g_mobile_platformqxm8083_firmwareqcs8250qca6426_firmwareipq6028qcn9024ipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq5302sa8295psnapdragon_xr2_5g_platformqca6678aqsnapdragon_x65_5g_modem-rf_systemipq8078_firmwaresa8650p_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwaresrv1lqcn9024_firmwareipq8174_firmwaresa7255p_firmwaresnapdragon_8\+_gen_2_mobile_platformsa8620pwsa8832qcn6412_firmwaresw5100p_firmwareipq5332ipq5302_firmwareqamsrv1m_firmwareimmersive_home_326_platformqcm5430ipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qcs5430_firmwareqca6391_firmwareimmersive_home_214_platform_firmwareqca4024wcd9370_firmwaresm8550p_firmwaresdx55qcn6402sa8155psrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqam8650pflight_rb5_5g_platformsnapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqca8082qcn9072qca8386srv1l_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqcn9000_firmwareqcn9160ipq9554qamsrv1hwcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformqamsrv1h_firmwareipq8074aimmersive_home_318_platformqcn5124_firmwareqam8295p_firmwareqca8082_firmwaresnapdragon_x55_5g_modem-rf_systemsa9000p_firmwareqcn5122_firmwaresa7255psdx55_firmwarewsa8845h_firmwareqcn6023_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114qca6595auqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_870_5g_mobile_platformqcn9274snapdragon_x72_5g_modem-rf_systemsa8775p_firmwareipq8174qcs6490qcn5052video_collaboration_vc5_platformqcs8550_firmwareqcn6112_firmwarewcn3988_firmwareqcn9074srv1hqca8085fastconnect_6700_firmwaresa8195pwsa8810_firmwareqcn6224vision_intelligence_400_platformwsa8845hwcd9395_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9335snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwareqcs7230qca8081snapdragon_auto_5g_modem-rf_gen_2qcn6023ipq8071asa7775psdx65m_firmwareqam8620pqcs5430ipq8071a_firmwaresa8770p_firmwareqca8085_firmwareipq5300sxr2130_firmwareimmersive_home_3210_platformwcd9385qcs6490_firmwareipq9570ar8035wcd9375csr8811wcd9390qcn9100_firmwarevision_intelligence_400_platform_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwareqcm6490wsa8835_firmwarevideo_collaboration_vc5_platform_firmwaresxr2250p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwarerobotics_rb5_platform_firmwarewcn3990qcn9000qcf8000_firmwareqca6554asd865_5gfastconnect_6800qca6595qcs7230_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274qcn6422qcn5154qca8075_firmwaresxr2130ssg2125p_firmwareqca6574aqca9889qcn6132_firmwareqca9888qcc2076_firmwareipq8070a_firmwareipq8076_firmwaresa8650psa9000pqca6574_firmwaresxr2230pipq8076wsa8845_firmwareqcn9160_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresa8775pqcn5152snapdragon_x55_5g_modem-rf_system_firmwareqca6391fastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwareqcn9100qcn6274_firmwareqcm6490_firmwareipq5300_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122ipq9574qcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810ipq5332_firmwaresm8550psrv1m_firmwaresnapdragon_ar2_gen_1_platformqcn5022qam8650p_firmwareipq6010_firmwareqca6696qcs8550qca8075snapdragon_8_gen_3_mobile_platform_firmwareqcn9022_firmwareqcn6024qcn9022wcd9390_firmwareqcc2076ipq8070aqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcc2073qcn6432Snapdragonqcn5024_firmwareqam8255p_firmwaresxr2230p_firmwaresg8275p_firmwareipq8173_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_318_platform_firmwaresrv1l_firmwareipq5028_firmwareqca6595au_firmwareqcn5152_firmwareqca0000_firmwareqcm5430_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareqca8084_firmwareqcn5124_firmwareqam8295p_firmwareqca8082_firmwaresa9000p_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwarewcd9375_firmwarewsa8845h_firmwareqca6436_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqca6678aq_firmwaresa8775p_firmwarewsa8840_firmwareqcf8001_firmwareqcs8550_firmwareqcn6112_firmwarewcn3988_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwaresdx65m_firmwareipq8071a_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareipq9008_firmwareqcn5154_firmwareqcc710_firmwareqcn9100_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwaresa8295p_firmwaresxr2250p_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwareqcf8000_firmwareipq8076a_firmwareqcs7230_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareqcn6402_firmwarecsr8811_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwaressg2125p_firmwareqcn6132_firmwarewcd9335_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwarewsa8845_firmwareqcn9160_firmwaresnapdragon_xr2_5g_platform_firmwareqxm8083_firmwareqca6426_firmwareqca6574a_firmwareipq9574_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareimmersive_home_3210_platform_firmwareqcn6274_firmwareipq5300_firmwareqcm6490_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwareqca9889_firmwaresa8155p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcn6412_firmwaresw5100p_firmwareipq5332_firmwareipq5302_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareipq6010_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareimmersive_home_214_platform_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-21557
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.84% / 87.95%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20691
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.71%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8765mt8385mt6739androidmt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20693
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.71%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6895mt8168mt8765androidmt6739mt8385mt8781mt8788mt6983mt8321yoctomt8666mt8365mt8167mt8195MT6739, MT6895, MT6983, MT8167, MT8168, MT8195, MT8321, MT8365, MT8385, MT8666, MT8765, MT8781, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20689
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.71%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8765mt8385mt6739androidmt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-33063
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.29% / 52.41%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in WLAN Host Communication

Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830qca6777aqsxr2230p_firmwareqca8337qam8650pqfw7124sg8275p_firmwareqam8775pqcf8001qamsrv1mqca6777aq_firmwareqcn6224_firmwareqcn5124qca8082wsa8840qca8386wcn6755_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformwcd9370ssg2115pqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qamsrv1hqca6554a_firmwarewcd9385_firmwareqam8295pwcn7881_firmwareqca8386_firmwareqamsrv1h_firmwarewcn3660bqca8084_firmwareqca6688aqqcn5124_firmwareqcn6412qam8295p_firmwareqca8082_firmwaresa9000p_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresa7255pqcn6422_firmwareqca6595auqca8081_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114wcd9375_firmwarewsa8845h_firmwaresnapdragon_429_mobile_platformwcn7860qca6564au_firmwareqca6584ausa6155p_firmwaresa8620p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274qca6678aq_firmwaresnapdragon_x72_5g_modem-rf_systemwcn7881sa8775p_firmwareqcs6490wsa8840_firmwareqca6698aqwcd9385qca0000qcf8001_firmwarevideo_collaboration_vc5_platformqcs8550_firmwaresm8635qcn9074srv1hwcn7880_firmwareqca8085sa7775p_firmwaresdx65mwcd9340sa8195pqcn6224vision_intelligence_400_platformwsa8845hwcn6755snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresa6155pqcs7230sm8750_firmwareqca8081qcf8000sm8750p_firmwaresnapdragon_x75_5g_modem-rf_systemqca6698aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2sa7775psdx65m_firmwaresxr2250pipq5312immersive_home_3210_platformqca8085_firmwareipq5300qam8775p_firmwaresa8255psa8770p_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341ipq9008_firmwareipq9570qca6797aqar8035wcd9375wcd9390qcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwarewcd9335wcn3620_firmwarewsa8835_firmwarewcn3620sa8195p_firmwarevideo_collaboration_vc5_platform_firmwaresa8295p_firmwaresxr2250p_firmwaresa8770pqca6688aq_firmwareqca6787aq_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn7880qca8337_firmwarewcd9380_firmwaressg2125pwcn3990qcn9000qcf8000_firmwaresdm429wqca6554aqca6595qca8084qca6564auqcm8550qcs7230_firmwareipq9008immersive_home_326_platform_firmwarewsa8835qca6574sxr1230p_firmwareqcn6402_firmwaresdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274wcd9380qcn6422ipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwaressg2125p_firmwareqca6574asm8635_firmwaresxr1230pvideo_collaboration_vc3_platform_firmwaresg8275pwcd9335_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845sa8650psa9000pqca6574_firmwarewcd9340_firmwaresxr2230pwsa8845_firmwareqcs8250wcn3660b_firmwareqca6574a_firmwaresa8775psm8750pqcn9024ipq9574_firmwareqca6391immersive_home_3210_platform_firmwaresa8295pfastconnect_7800qcn6274_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemwcn7861_firmwareipq5300_firmwaresa8650p_firmwareipq9570_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmwarewcd9395_firmwareqca6797aq_firmwareipq5312_firmwareqca6574auqcn6432_firmwaresa8155p_firmwareipq9574qcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformsa8620pwsa8832qcn6412_firmwareipq5332ipq5332_firmwaresm8550pimmersive_home_326_platformqamsrv1m_firmwaresnapdragon_ar2_gen_1_platformsrv1m_firmwareqam8650p_firmwaresm8750qcc710wcn7860_firmwareqca6595_firmwarewcd9395wcn7861qca6696qca6787aqqca6391_firmwareqcs8550wcd9370_firmwaresm8550p_firmwareqca8075qcn6402sa8155psnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresrv1mssg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcn6432ar8035_firmwareSnapdragonqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcf8000_firmwaresg8275p_firmwareqcs7230_firmwarear8035_firmwareqca6777aq_firmwareqcn6224_firmwareimmersive_home_326_platform_firmwaresxr1230p_firmwareqcn6402_firmwaresdm429w_firmwarewcn6755_firmwareqca6595au_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwaressg2125p_firmwaresm8635_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqcn9000_firmwarewcd9335_firmwareqcn9274_firmwareqfw7114_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcn7881_firmwareqca8386_firmwareqamsrv1h_firmwareqca6574_firmwarewcd9340_firmwareqca8084_firmwareqcn5124_firmwarewsa8845_firmwareqam8295p_firmwarewcn3660b_firmwareqca8082_firmwaresa9000p_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwareqca6574a_firmwareqcn6422_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwarewcn7861_firmwareipq5300_firmwarewsa8840_firmwaresa8650p_firmwareipq9570_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwareqcf8001_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwarewcn7880_firmwaresa8155p_firmwaresa7775p_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresm8750_firmwaresm8750p_firmwarewcd9395_firmwareqcn6412_firmwareipq5332_firmwareqca6698aq_firmwareqamsrv1m_firmwaresdx65m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwareqcs6490_firmwarewcn7860_firmwareqca6595_firmwareipq9008_firmwareqca6391_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewsa8830_firmwarewcd9390_firmwarewcn3620_firmwaresxr2250p_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwaresa8295p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqca6787aq_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-51495
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.18%
||
7 Day CHG-0.03%
Published-29 Sep, 2025 | 00:00
Updated-16 Oct, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.

Action-Not Available
Vendor-cesantan/a
Product-mongoosen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-52520
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.04%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 19:05
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: DoS via integer overflow in multipart file upload

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12617
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-10.99% / 93.27%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxqemun/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11054
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-2.35% / 84.64%
||
7 Day CHG~0.00%
Published-31 Aug, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

Action-Not Available
Vendor-Dell Inc.RSA Security LLCOracle Corporation
Product-timesten_in-memory_databasecommunications_ip_service_activatorcore_rdbmscommunications_analyticsbsafegoldengate_application_adaptersreal_user_experience_insightapplication_testing_suitejd_edwards_enterpriseone_toolsretail_predictive_application_serverenterprise_manager_ops_centersecurity_serviceBSAFE Micro Edition Suite
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-1084
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.94%
||
7 Day CHG~0.00%
Published-12 Apr, 2018 | 17:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

Action-Not Available
Vendor-corosyncunspecifiedCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxcorosynccorosync
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-6073
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-1.41% / 80.23%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 20:43
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS message to trigger this vulnerability.

Action-Not Available
Vendor-videolabsn/aDebian GNU/Linux
Product-libmicrodnsdebian_linuxVideolabs
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-47294
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.12% / 30.89%
||
7 Day CHG~0.00%
Published-28 May, 2025 | 07:55
Updated-04 Jun, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-6960
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.58%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 08:55
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.

Action-Not Available
Vendor-apng2gif_projectn/aDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxapng2gifn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-41409
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.07%
||
7 Day CHG-0.03%
Published-18 Jul, 2023 | 00:00
Updated-28 Oct, 2024 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.

Action-Not Available
Vendor-pcren/a
Product-pcre2n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-42643
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.18%
||
7 Day CHG~0.00%
Published-22 Oct, 2024 | 00:00
Updated-23 Oct, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.

Action-Not Available
Vendor-n/asmartdns_project
Product-n/asmartdns
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-40303
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.62%
||
7 Day CHG+0.03%
Published-22 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 05:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.

Action-Not Available
Vendor-n/aApple Inc.NetApp, Inc.libxml2 (XMLSoft)
Product-clustered_data_ontaph700sh500sh300s_firmwareh410sh410ch410c_firmwareontap_select_deploy_administration_utilitysnapmanageripadosactive_iq_unified_managerwatchoslibxml2netapp_manageability_sdkh300siphone_osmacosh410s_firmwaretvosh700s_firmwareh500s_firmwareclustered_data_ontap_antivirus_connectorn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-38216
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.86%
||
7 Day CHG~0.00%
Published-16 Aug, 2022 | 00:34
Updated-03 Aug, 2024 | 10:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process.

Action-Not Available
Vendor-mapboxMapbox
Product-maps_software_development_kitMapbox
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-38725
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.08% / 89.60%
||
7 Day CHG+1.17%
Published-23 Jan, 2023 | 00:00
Updated-03 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.

Action-Not Available
Vendor-oneidentityn/a
Product-syslog-ngsyslog-ng_store_boxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-29072
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.67% / 81.88%
||
7 Day CHG~0.00%
Published-27 Mar, 2025 | 00:00
Updated-11 Apr, 2025 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop (and high CPU usage) by submitting a malicious Declare v2/v3 transaction. This results in a denial-of-service condition for affected Starknet full-node implementations.

Action-Not Available
Vendor-nethermindn/a
Product-junon/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-31031
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.21%
||
7 Day CHG~0.00%
Published-17 Apr, 2024 | 00:00
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow.

Action-Not Available
Vendor-libcoapn/alibcoapFedora Project
Product-fedoralibcoapn/alibcoap
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-65865
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.08% / 22.70%
||
7 Day CHG~0.00%
Published-23 Dec, 2025 | 00:00
Updated-06 Jan, 2026 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow in eProsima Fast-DDS v3.3 allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-eprosiman/a
Product-fast_ddsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-36125
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.24% / 79.04%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 06:50
Updated-03 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer overflow when reading corrupted .avro file in Avro Rust SDK

It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-avroApache Avro
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-36015
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.18% / 39.66%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:55
Updated-23 Apr, 2025 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer overflow in math ops in TensorFlow

TensorFlow is an open source platform for machine learning. When `RangeSize` receives values that do not fit into an `int64_t`, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-35940
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.18% / 39.66%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 19:45
Updated-23 Apr, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Int overflow in `RaggedRangeOp` in Tensoflow

TensorFlow is an open source platform for machine learning. The `RaggedRangOp` function takes an argument `limits` that is eventually used to construct a `TensorShape` as an `int64`. If `limits` is a very large float, it can overflow when converted to an `int64`. This triggers an `InvalidArgument` but also throws an abort signal that crashes the program. We have patched the issue in GitHub commit 37cefa91bee4eace55715eeef43720b958a01192. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-22861
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.93%
||
7 Day CHG~0.00%
Published-27 Jan, 2024 | 00:00
Updated-11 Aug, 2025 | 10:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.

Action-Not Available
Vendor-n/aFFmpeg
Product-ffmpegn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-23531
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-4.47% / 88.87%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to perform denial of service attacks. In certain rare conditions this could also lead to reading content from memory.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-21454
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.56%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:06
Updated-13 Jan, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in Automotive Telematics

Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-c-v2x_9150_firmwareauto_5g_modem-rf_firmwareauto_4g_modemauto_5g_modem-rfc-v2x_9150auto_4g_modem_firmwareSnapdragonsnapdragon_auto_4g_modemsnapdragon_auto_5g_modem-rfc-v2x_9150
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2011-1298
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.82%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 18:47
Updated-06 Aug, 2024 | 22:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.

Action-Not Available
Vendor-n/aApple Inc.Google LLC
Product-macosblinkn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-25574
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.81% / 82.59%
||
7 Day CHG~0.00%
Published-14 Sep, 2020 | 18:16
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).

Action-Not Available
Vendor-hypern/a
Product-httpn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-28588
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 69.59%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Bluetooth Host

Transient DOS in Bluetooth Host while rfc slot allocation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareapq8017qcs410_firmwaresd865_5gsa6150p_firmwaresnapdragon_429_mobile_platform_firmwaresw5100psxr1120qca6595snapdragon_xr1_platformqcs610_firmwarewcd9335wcd9370qca8081_firmwaresnapdragon_x50_5g_modem-rf_systemqca6696wcd9340_firmwarewcd9341_firmwaresnapdragon_626_mobile_platform_firmwarewcd9395_firmwaresnapdragon_730_mobile_platformqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700wcn3610snapdragon_768g_5g_mobile_platform_firmwaresa4150pwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_460_mobile_platformsmart_display_200_platformqca6574au_firmwareqcn7606_firmwareqca6564_firmwareqam8295pwcd9341sd626_firmwareqca6574auwcd9390wsa8810_firmwaresd730_firmwarewsa8845h_firmwarecsra6640msm8209_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3660b_firmwaresd730snapdragon_730g_mobile_platform_firmwarefastconnect_6800_firmwareqcs5430sd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqcm5430snapdragon_695_5g_mobile_platformqcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_210_processor_firmwareqcm6125_firmwaressg2115pqcc710snapdragon_625_mobile_platform_firmwaremsm8108snapdragon_480\+_5g_mobile_platform_firmwaresxr1120_firmwaresnapdragon_695_5g_mobile_platform_firmwarerobotics_rb3_platformfastconnect_6900snapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformqfw7114wcd9385_firmwareqca6421snapdragon_x55_5g_modem-rf_systemqca6310snapdragon_630_mobile_platformsa8155_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6335snapdragon_ar2_gen_1_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwareqcm6125qca6564au_firmwaresnapdragon_768g_5g_mobile_platformwsa8810video_collaboration_vc5_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformqca6595ausm7315_firmwarewcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwaresd835snapdragon_632_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6436_firmwareqcn9012snapdragon_8\+_gen_1_mobile_platformwcd9371_firmwarequalcomm_205_mobile_platformqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformwcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_212_mobile_platform_firmwareqca6420wcn3910apq8064au_firmwarewcd9370_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_660_mobile_platformwcn3660bqca6574asa8195pwcd9340qcs8250_firmwareqcm2290snapdragon_630_mobile_platform_firmwaresnapdragon_820_automotive_platform_firmwareqca6335_firmwareqcm6490sm8550p_firmwareqcm8550wcn3988snapdragon_460_mobile_platform_firmwareqca6574snapdragon_x75_5g_modem-rf_systemsxr2230p_firmwaresd675_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformqcn9011wsa8845hsa6150pwcd9326qcs410qcm2290_firmwaresa8155p_firmwareqca6564asa8155pwsa8830snapdragon_675_mobile_platformsnapdragon_662_mobile_platformsm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwareqcn9074_firmwarevision_intelligence_400_platform_firmwaresnapdragon_765_5g_mobile_platformflight_rb5_5g_platform_firmwaresmart_audio_200_platform_firmwaresnapdragon_665_mobile_platformar8035msm8996ausnapdragon_626_mobile_platformqca6564qrb5165m_firmwaresa6155snapdragon_678_mobile_platform_firmwareqcm4325robotics_rb5_platformsnapdragon_208_processor_firmwareqcn6224apq8064ausmart_display_200_platform_firmwaressg2125p_firmwarewcn3950_firmwaresm6250snapdragon_632_mobile_platformqrb5165nsnapdragon_8_gen_1_mobile_platformsmart_audio_200_platformfastconnect_6200snapdragon_710_mobile_platformsd670sm7325p_firmwarewcn3680bsa8145p_firmwaresnapdragon_730g_mobile_platformsnapdragon_888\+_5g_mobile_platformsmart_audio_400_platformsnapdragon_855\+\/860_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwaresnapdragon_636_mobile_platform_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwaresnapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250snapdragon_750g_5g_mobile_platformfastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqcn6224_firmwareqca6431wsa8845_firmwaresd660_firmwarewsa8832vision_intelligence_200_platformsxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwaresnapdragon_730_mobile_platform_firmwareqrb5165msnapdragon_888_5g_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320sa4150p_firmwaremsm8608_firmwaresd888_firmwaremsm8209snapdragon_662_mobile_platform_firmwareqca6564auqcs6125_firmwareqcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcm4290vision_intelligence_100_platformsnapdragon_680_4g_mobile_platformmsm8608ar8031sg8275p_firmwareqcm6490_firmwaresm7250p_firmwarewcn3680_firmwaresm4125qcm4490_firmwaresnapdragon_855_mobile_platformrobotics_rb3_platform_firmwarewcn3950flight_rb5_5g_platformsnapdragon_xr2_5g_platformsnapdragon_429_mobile_platformqcs6125snapdragon_7c\+_gen_3_computesnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_439_mobile_platformsnapdragon_780g_5g_mobile_platformsnapdragon_710_mobile_platform_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwaresnapdragon_720g_mobile_platformvision_intelligence_200_platform_firmwaresm7250psm6250_firmwaresa8155snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwaresd888qca6320_firmwareqcn9011_firmwaresnapdragon_4_gen_2_mobile_platformsw5100_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_425_mobile_platformsnapdragon_765_5g_mobile_platform_firmwarewcn6740qca6310_firmwaresd626fastconnect_6800qfw7114_firmwareqcs7230snapdragon_685_4g_mobile_platform_firmwareqca6595_firmwarefastconnect_7800_firmwarewcd9371snapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwareapq8017_firmwarewcd9380sa6145p_firmwaresa6155_firmwaresxr2230psnapdragon_732g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaremsm8996au_firmwaresnapdragon_835_mobile_pc_platformsxr1230psnapdragon_865\+_5g_mobile_platformsw5100video_collaboration_vc3_platformaqt1000snapdragon_865_5g_mobile_platform_firmwareqam8295p_firmwaresd855snapdragon_212_mobile_platformqca6431_firmwarewcn3990_firmwaresm7315qca6564a_firmwareqcs2290wcd9385qcn7606qcs2290_firmwarewcn3615wcn3610_firmwarewcn3680snapdragon_678_mobile_platformqcs7230_firmwaresnapdragon_720g_mobile_platform_firmwareqcs4290wcd9390_firmwaresxr1230p_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqca6430sg8275psdx55_firmwaresnapdragon_208_processorwcn3615_firmwaressg2125psnapdragon_210_processorsxr2130msm8108_firmwareqcm4490snapdragon_636_mobile_platformcsra6640_firmwarevision_intelligence_100_platform_firmwaresnapdragon_xr2\+_gen_1_platformsm7325pvideo_collaboration_vc5_platformsnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqcn6274wsa8835wsa8840_firmwareqca6391_firmwaresnapdragon_480_5g_mobile_platform_firmwareqfw7124qca6595au_firmwaresw5100p_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_732g_mobile_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcs4290_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwarequalcomm_205_mobile_platform_firmwareqca6574_firmwarecsra6620qca8081sd660wsa8815sg4150psd_8_gen1_5gqcm4325_firmwarevision_intelligence_400_platformqca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_480\+_5g_mobile_platformsd675sd_8_gen1_5g_firmwarewcd9375_firmwaresnapdragon_425_mobile_platform_firmwareqca6391qualcomm_215_mobile_platformsnapdragon_778g_5g_mobile_platform_firmwareqcs5430_firmwaresmart_audio_400_platform_firmwaresg4150p_firmwaresnapdragon_480_5g_mobile_platformqcn9012_firmwaresnapdragon_670_mobile_platformcsra6620_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295psnapdragon_xr1_platform_firmwareqcs8550robotics_rb5_platform_firmwaresnapdragon_625_mobile_platformsnapdragon_x50_5g_modem-rf_system_firmwarefastconnect_7800sd865_5g_firmwarequalcomm_215_mobile_platform_firmwarewcd9375wcn3988_firmwaresa8145psd_675snapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_660_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_820_automotive_platformsnapdragon_690_5g_mobile_platform_firmwarewcn3680b_firmwareqcs610Snapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-29361
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.42%
||
7 Day CHG-0.05%
Published-16 Dec, 2020 | 13:35
Updated-04 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.

Action-Not Available
Vendor-p11-kit_projectn/aDebian GNU/Linux
Product-debian_linuxp11-kitn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-36395
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-1.22% / 78.81%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 17:57
Updated-08 Oct, 2025 | 23:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Deployment Services Denial of Service Vulnerability

Windows Deployment Services Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows Server 2012 (Server Core installation)
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-6780
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.97%
||
7 Day CHG~0.00%
Published-31 Jan, 2024 | 14:08
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glibc: integer overflow in __vsyslog_internal()

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.

Action-Not Available
Vendor-n/aRed Hat, Inc.GNUFedora Project
Product-fedoraglibcRed Hat Enterprise Linux 8Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7glibcRed Hat Enterprise Linux 9Fedora
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-31264
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.86%
||
7 Day CHG~0.00%
Published-21 May, 2022 | 20:04
Updated-03 Aug, 2024 | 07:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program.

Action-Not Available
Vendor-solanalabsn/a
Product-rbpfn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-32058
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.90%
||
7 Day CHG~0.00%
Published-11 May, 2023 | 20:55
Updated-24 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vyper vulnerable to integer overflow in loop

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8.

Action-Not Available
Vendor-vyperlangvyperlang
Product-vypervyper
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-30463
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.81%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur.

Action-Not Available
Vendor-altrann/a
Product-picotcpn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-28936
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.02%
||
7 Day CHG~0.00%
Published-15 May, 2022 | 15:39
Updated-03 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node can trigger an integer overflow and cause a Denial of Service (DoS) via an unusually large viewchange message packet.

Action-Not Available
Vendor-fisco-bcosn/a
Product-fisco-bcosn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-28937
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.86%
||
7 Day CHG~0.00%
Published-15 May, 2022 | 15:39
Updated-03 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests.

Action-Not Available
Vendor-fisco-bcosn/a
Product-fisco-bcosn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-27813
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.13%
||
7 Day CHG~0.00%
Published-02 Dec, 2020 | 00:00
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

Action-Not Available
Vendor-gorillatoolkitn/aDebian GNU/Linux
Product-websocketdebian_linuxgolang-github-gorilla-websocket
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-28705
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.65% / 70.39%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:35
Updated-16 Sep, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, on platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has ePVA acceleration enabled can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-23775
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.85%
||
7 Day CHG~0.00%
Published-31 Jan, 2024 | 00:00
Updated-04 Nov, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().

Action-Not Available
Vendor-n/aArm Limited
Product-mbed_tlsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-25314
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.05%
||
7 Day CHG~0.00%
Published-18 Feb, 2022 | 04:25
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.

Action-Not Available
Vendor-libexpat_projectn/aSiemens AGOracle CorporationDebian GNU/LinuxFedora Project
Product-debian_linuxzfs_storage_appliance_kitlibexpatsinema_remote_connect_serverhttp_serverfedoran/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-25062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-28.96% / 96.46%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 19:38
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr840n_firmwaretl-wr840nn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-6021
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 70.73%
||
7 Day CHG+0.06%
Published-12 Jun, 2025 | 12:49
Updated-06 Feb, 2026 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Action-Not Available
Vendor-Red Hat, Inc.libxml2 (XMLSoft)
Product-jboss_core_servicesenterprise_linux_for_power_little_endian_eusenterprise_linux_for_ibm_z_systems_eusenterprise_linux_server_ausenterprise_linux_for_arm_64enterprise_linux_server_tusin-vehicle_operating_systementerprise_linux_eusenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systemsopenshift_container_platform_for_arm64enterprise_linuxopenshift_container_platformopenshift_container_platform_for_powerenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_for_arm_64_eusopenshift_container_platform_for_ibm_zenterprise_linux_serveropenshift_container_platform_for_linuxonelibxml2Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat OpenShift Container Platform 4.14Red Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4.18Red Hat OpenShift Container Platform 4.15Red Hat Discovery 2Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat OpenShift Container Platform 4.12Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat OpenShift Container Platform 4.19Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat OpenShift Container Platform 4.17Red Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Insights proxy 1.5Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 6Red Hat OpenShift Container Platform 4.13Red Hat OpenShift Container Platform 4.16Red Hat JBoss Core Services 2.4.62.SP2Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.4 Extended Update Support
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-6052
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-3.7||LOW
EPSS-0.07% / 21.04%
||
7 Day CHG+0.02%
Published-13 Jun, 2025 | 15:40
Updated-07 Nov, 2025 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.

Action-Not Available
Vendor-Red Hat, Inc.The GNOME Project
Product-glibRed Hat Enterprise Linux 9Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 10
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-23990
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.52% / 87.41%
||
7 Day CHG~0.00%
Published-26 Jan, 2022 | 18:02
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

Action-Not Available
Vendor-libexpat_projectn/aTenable, Inc.Siemens AGOracle CorporationDebian GNU/LinuxFedora Project
Product-nessusdebian_linuxlibexpatsinema_remote_connect_servercommunications_metasolv_solutionfedoran/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-20685
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.50% / 65.66%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 15:36
Updated-27 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Products Snort Modbus Denial of Service Vulnerability

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Cyber VisionCisco Firepower Threat Defense SoftwareCisco UTD SNORT IPS Engine Software
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found