CWE-190

Medium likelihood

Integer Overflow or Wraparound

Parent: CWE-682 - Incorrect Calculation

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

3,189 vulnerabilities with CWE-190
CVE-2024-28931 HIGH
Microsoft ODBC Driver for SQL Server 17.0.1.1-17.10.6.1 - Remote Code Execution
CVSS 8.8
CVE-2024-28929 HIGH
Microsoft ODBC Driver for SQL Server - Remote Code Execution via Integer Overflow
CVSS 8.8
CVE-2024-28923 MEDIUM
Windows 10 1507-22H2 and Windows 11 21H2-23H2 - Secure Boot Security Feature Bypass via Integer Overflow
CVSS 6.4
CVE-2024-26171 MEDIUM
Windows 10 1507-22H2 and Windows 11 21H2-23H2 - Secure Boot Security Feature Bypass via Integer Overflow
CVSS 6.7
CVE-2024-31047 LOW
OpenEXR < 3.2.4 - Denial of Service via exrmultipart.cpp Convert Function
CVSS 3.3
CVE-2024-26668 MEDIUM
Linux Kernel 4.3-5.15.148, 5.16-6.1.75, 6.2-6.6.14, 6.7-6.7.2 - Integer Overflow in nft_limit Token Counter
CVSS 5.5
CVE-2024-21470 HIGH
Qualcomm AQT1000 and FastConnect Firmware - Memory Corruption via Graphics Memory Allocation
CVSS 8.4
CVE-2024-21454 HIGH
Qualcomm C-V2X 9150 Firmware - Denial of Service via ToBeSignedMessage Decoding
CVSS 7.5
CVE-2024-20047 MEDIUM
Android - Local Information Disclosure via Integer Overflow in Battery Component
CVSS 5.4
CVE-2024-20046 MEDIUM
Android - Local Privilege Escalation via Integer Overflow in Battery Component
CVSS 6.6
CVE-2024-3077 MEDIUM
Zephyr < 3.6.0 - Denial of Service via Malformed BLE GATT Packet
CVSS 6.8
CVE-2024-2452 HIGH
Eclipse ThreadX NetX Duo <6.4.0 - Buffer Overflow
CVSS 7.0
CVE-2024-2212 HIGH
Eclipse ThreadX <6.4.0 - Buffer Overflow
CVSS 7.3
CVE-2024-1917 CRITICAL
Mitsubishi Electric Corporation MELSEC-Q Series & MELSEC-L Series -...
CVSS 9.8
CVE-2024-1916 CRITICAL
Mitsubishi Electric Corporation MELSEC-Q Series & MELSEC-L Series -...
CVSS 9.8
CVE-2024-0803 CRITICAL
Mitsubishi Electric Corporation MELSEC-Q Series & MELSEC-L Series -...
CVSS 9.8
CVE-2024-22396 MEDIUM
SonicOS < 7.0.1-5145, < 7.1.1-7047, < 6.5.4.13-105n, < 6.5.4.4-44v-21-2340 - DoS & RCE via IKEv2 Payload
CVSS 5.3
CVE-2024-21450 HIGH
Windows 10 1507-22H2 and Windows 11 21H2-23H2 - Remote Code Execution via WDAC OLE DB Provider Integer Overflow
CVSS 8.8
CVE-2024-21444 HIGH
Windows 10/11, Server 2008-2019 RCE via WDAC OLE DB Integer Overflow
CVSS 8.8
CVE-2024-21441 HIGH
Windows 10 1507-22H2 and Windows 11 21H2-23H2 - Remote Code Execution via WDAC OLE DB Provider
CVSS 8.8
CVE-2024-27304 CRITICAL
pgx <4.18.2, <5.5.4 - SQL Injection
CVSS 9.8
CVE-2024-20025 MEDIUM
Android - Integer Overflow to Out-of-Bounds Write in da
CVSS 6.7
CVE-2024-27101 HIGH
SpiceDB < 1.29.2 - Integer Overflow in Chunking Helper
CVSS 7.3
CVE-2024-23605 HIGH
llama.cpp - Heap-Based Buffer Overflow via GGUF Library Header.n_kv
CVSS 8.8
CVE-2024-23496 HIGH
llama.cpp - Heap-Based Buffer Overflow via GGUF Library gguf_fread_str Functionality
CVSS 8.8