CWE-190

Medium likelihood

Integer Overflow or Wraparound

Parent: CWE-682 - Incorrect Calculation

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

3,209 vulnerabilities with CWE-190
CVE-2017-0381 HIGH
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1 - Information Disclosure via silk/NLSF_stabilize.c Integer Overflow
CVSS 7.8
CVE-2017-5340 CRITICAL
PHP 7.0.0-7.0.14 - Remote Code Execution via Crafted Serialized Data
CVSS 9.8
CVE-2016-10502 CRITICAL
Qualcomm Mdm9206 Firmware - Integer Overflow
CVSS 9.8
CVE-2016-2120 HIGH
PowerDNS Authoritative <= 3.4.10 - Authenticated Denial of Service via Crafted DNS Record
CVSS 7.5
CVE-2016-6328 HIGH
libexif < 0.6.22 - Integer Overflow in MNOTE Entry Parsing
CVSS 8.1
CVE-2016-9583 MEDIUM
Redhat Enterprise Linux Desktop < 2.0.6 - Integer Overflow
CVSS 5.5
CVE-2016-9580 LOW
OpenJPEG 2.1.2 - Integer Overflow to Heap Buffer Overflow in tiftoimage
CVSS 3.3
CVE-2016-8620 MEDIUM
curl < 7.51.0 - Integer Overflow via Globbing Feature
CVSS 6.5
CVE-2016-8622 LOW
libcurl < 7.51.0 - Integer Overflow in URL Percent-Encoding Decode Function
CVSS 3.7
CVE-2016-9063 CRITICAL
Firefox < 50 - Integer Overflow in Expat XML Parser
CVSS 9.8
CVE-2016-5297 CRITICAL
Firefox < 50 and Firefox ESR < 45.5 - Integer Overflow in JavaScript Argument Length Checking
CVSS 9.8
CVE-2016-9601 MEDIUM
gpl_ghostscript < 9.21 - Heap-Based Buffer Overflow in JBIG2 Gray Scale Image Decoding
CVSS 5.3
CVE-2016-10494 CRITICAL
Qualcomm MDM9635M and related firmware - Integer Overflow leading to Buffer Overflow in IPC Router Root-PD Driver
CVSS 9.8
CVE-2016-10491 CRITICAL
Qualcomm MDM9206 and Snapdragon Firmware - Integer Overflow to Buffer Overflow in QuRT API
CVSS 9.8
CVE-2016-10480 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Memory Corruption via EXIF Integer Overflow
CVSS 9.8
CVE-2016-10478 CRITICAL
Qualcomm Snapdragon Mobile SD 617 Firmware - Integer Overflow to Buffer Overflow in QCRIL SCWS Processing
CVSS 9.8
CVE-2016-10475 CRITICAL
Qualcomm Snapdragon Mobile Integer Overflow
CVSS 9.8
CVE-2016-10412 CRITICAL
Qualcomm MDM9206 and related firmware - Integer Overflow leading to Buffer Overflow in Memory API
CVSS 9.8
CVE-2016-10407 CRITICAL
Qualcomm Snapdragon Mobile - Integer Overflow to Buffer Overflow during VT Call
CVSS 9.8
CVE-2016-10393 CRITICAL
Android - Buffer Overflow via Large Clip Size Integer Arithmetic
CVSS 9.8
CVE-2016-10507 MEDIUM
OpenJPEG < 2.2.0 - Denial of Service via BMP Image Conversion Integer Overflow
CVSS 6.5
CVE-2016-5871 CRITICAL
Qualcomm Android CAF - Integer Overflow to Buffer Overflow in Image File Loading
CVSS 9.8
CVE-2016-10346 CRITICAL
Google Android - Integer Overflow
CVSS 9.8
CVE-2016-5735 HIGH
pngquant 2.7.0 - Integer Overflow in rwpng_read_image24_libpng
CVSS 7.8
CVE-2016-10239 HIGH
Android - Buffer Overflow and Buffer Over-Read via TrustZone Access Control Policy Bypass
CVSS 7.8
Details
Vulnerabilities 3,209
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits