CWE-190

Medium likelihood

Integer Overflow or Wraparound

Parent: CWE-682 - Incorrect Calculation

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

3,200 vulnerabilities with CWE-190
CVE-2022-42767 LOW
Android - Denial of Service via WLAN Driver Missing Bounds Check
CVSS 3.3
CVE-2022-42765 MEDIUM
Android - Denial of Service via Missing Bounds Check in WLAN Driver
CVSS 5.5
CVE-2022-42764 MEDIUM
Android - Denial of Service via Missing Bounds Check in WLAN Driver
CVSS 5.5
CVE-2022-42763 MEDIUM
Android - Denial of Service via WLAN Driver Missing Bounds Check
CVSS 5.5
CVE-2022-45934 HIGH
Linux Kernel 2.6.32-4.9.337 - Integer Overflow via L2CAP Configuration Request
CVSS 7.8
CVE-2022-40303 HIGH
libxml2 < 2.10.3 - Integer Overflow via XML_PARSE_HUGE Parser Option
CVSS 7.5
CVE-2022-42533 HIGH
Android - Integer Overflow to Out-of-Bounds Write in SharedMetadata.cpp
CVSS 7.8
CVE-2022-31630 MEDIUM
PHP <7.4.33, 8.0.25, 8.1.12 - Memory Corruption
CVSS 6.5
CVE-2022-20454 MEDIUM
Android -<13 - Privilege Escalation
CVSS 6.7
CVE-2022-39343 MEDIUM
Azure RTOS FileX < 6.2.0 - Integer Overflow in Fault Tolerant Log Recovery
CVSS 5.6
CVE-2022-44638 HIGH
pixman < 0.42.2 - Heap-Based Buffer Overflow via Integer Overflow in pixman_sample_floor_y
CVSS 8.8
CVE-2022-32775 HIGH
Abode Systems iota All-In-One Security Kit 6.9X and 6.9Z - Authenticated Integer Overflow via Web Interface
CVSS 8.8
CVE-2022-37454 CRITICAL
Keccak XKCP SHA-3 Reference Implementation - Integer Overflow and Buffer Overflow in Sponge Function Interface
CVSS 9.8
CVE-2022-25748 CRITICAL
Qualcomm APQ8009 and other Firmware - Memory Corruption via GTK Frame Parsing Integer Overflow
CVSS 9.8
CVE-2022-22078 MEDIUM
Qualcomm AQT1000 Firmware - Denial of Service via Integer Overflow in Partition Size Calculation
CVSS 4.6
CVE-2022-39105 MEDIUM
Android - Integer Overflow or Wraparound in Sensor Driver
CVSS 5.5
CVE-2022-41550 MEDIUM
GNU oSIP v5.3.0 - Integer Overflow in osip_body_parse_header
CVSS 6.5
CVE-2022-20423 MEDIUM
Android - Local Privilege Escalation
CVSS 4.6
CVE-2022-20410 HIGH
Android - Remote Information Disclosure via Integer Overflow in avrc_ctrl_pars_vendor_rsp
CVSS 7.5
CVE-2022-35289 CRITICAL
Hermes < 0.12.0 - Remote Code Execution via Integer Overflow
CVSS 9.8
CVE-2022-1718 HIGH
trudesk < 1.2.2 - Denial of Service via Large Input in Full Name Field
CVSS 7.5
CVE-2022-2566 CRITICAL
FFMPEG <5.1 - Remote Code Execution
CVSS 9.0
CVE-2022-35951 HIGH
Redis 7.0.0-7.0.4 - Integer Overflow via XAUTOCLAIM COUNT Argument
CVSS 7.0
CVE-2022-36934 CRITICAL
WhatsApp < 2.22.16.12 - Remote Code Execution via Integer Overflow in Video Call
CVSS 9.8
CVE-2022-36015 MEDIUM
TensorFlow <2.10.0 - Info Disclosure
CVSS 5.9
Details
Vulnerabilities 3,200
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits