CWE-190

Medium likelihood

Integer Overflow or Wraparound

Parent: CWE-682 - Incorrect Calculation

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

3,200 vulnerabilities with CWE-190
CVE-2020-6116 HIGH
Nitro Pro 13.13.2.242 - Code Injection
CVSS 7.8
CVE-2020-6113 HIGH
Nitro Pro <13.13.2.242 - Buffer Overflow
CVSS 7.8
CVE-2020-3990 MEDIUM
VMware Horizon Client 5.0.0-5.4.3 & Workstation 15.0.0-15.x - Info Disclosure via Integer Overflow
CVSS 6.5
CVE-2020-25574 HIGH
hyper/http < 0.1.20 - Denial of Service via Integer Overflow in HeaderMap::reserve()
CVSS 7.5
CVE-2020-14363 HIGH
libX11 < 1.6.12 - Integer Overflow to Double-Free
CVSS 7.8
CVE-2020-6327 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-3624 HIGH
Qualcomm Snapdragon Firmware - Buffer Overflow via Integer Overflow in Handler Options Parsing
CVSS 7.8
CVE-2020-3620 MEDIUM
Qualcomm Snapdragon - Integer Overflow in G-link SMEM Transport
CVSS 5.5
CVE-2020-12829 LOW
QEMU < 5.0.1 - Denial of Service via Integer Overflow in SM501 Display Driver
CVSS 3.8
CVE-2020-17396 HIGH
Parallels Desktop 15.1.4 - Privilege Escalation
CVSS 8.8
CVE-2020-9095 MEDIUM
HUAWEI P30 Pro Firmware < 10.1.0.160(C00E160R2P8) - Integer Overflow via Malicious Message
CVSS 5.5
CVE-2020-17360 HIGH
ReadyTalk Avian 1.2.0 - Memory Corruption
CVSS 7.8
CVE-2020-15137 MEDIUM
HoRNDIS - Integer Overflow in RNDIS Packet Parsing
CVSS 5.5
CVE-2020-0240 HIGH
Android 10 - Remote Code Execution via Integer Overflow in NewFixedDoubleArray
CVSS 8.8
CVE-2020-14344 MEDIUM
libX11 < 1.6.10 - Integer Overflow to Heap Buffer Overflow in XIM Client
CVSS 6.7
CVE-2020-14311 MEDIUM
GRUB2 < 2.06 - Heap-Based Buffer Overflow via Ext Filesystem Symlink Inode Size
CVSS 5.7
CVE-2020-14310 MEDIUM
GRUB2 < 2.06 - Heap-Based Buffer Overflow via Malicious Font File
CVSS 5.7
CVE-2020-14309 MEDIUM
GRUB2 < 2.06 - Heap-Based Buffer Overflow via SquashFS Symbolic Link Name
CVSS 6.7
CVE-2020-14308 MEDIUM
GRUB2 < 2.06 - Integer Overflow in Memory Allocator
CVSS 6.4
CVE-2020-15707 MEDIUM
GRUB2 < 2.04 - Integer Overflow and Heap-Based Buffer Overflow in efilinux initrd Handling
CVSS 5.7
CVE-2020-15588 CRITICAL
ManageEngine Desktop Central < 10.0.561 - Remote Code Execution via Integer Overflow in InternetSendRequestEx
CVSS 9.8
CVE-2020-10929 HIGH
NETGEAR R6700 V1.0.4.84_10.0.58 - Code Injection
CVSS 8.8
CVE-2020-15103 LOW
FreeRDP <= 2.1.2 - Integer Overflow in rdpegfx Channel
CVSS 3.5
CVE-2020-6523 HIGH
Google Chrome < 84.0.4147.89 - Remote Code Execution via Skia Out of Bounds Write
CVSS 8.8
CVE-2020-7689 MEDIUM
node.bcrypt.js < 5.0.0 - Integer Overflow in Data Length Handling
CVSS 5.9
Details
Vulnerabilities 3,200
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits