CWE-681

High likelihood

Incorrect Conversion between Numeric Types

Parent: CWE-704 - Incorrect Type Conversion or Cast

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

116 vulnerabilities with CWE-681
CVE-2024-1552 HIGH
Firefox < 123, Firefox ESR < 115.8, Thunderbird < 115.8 - Code Inje...
CVSS 7.5
CVE-2023-28063 MEDIUM
Dell OptiPlex Firmware - Authenticated Denial of Service via Signed to Unsigned Conversion Error
CVSS 6.7
CVE-2023-46848 HIGH
Squid 5.0.3-6.3 - Denial of Service via FTP URL Handling
CVSS 8.6
CVE-2023-5184 HIGH
Zephyr < 3.4.0 - Buffer Overflow via IPM Driver Signed to Unsigned Conversion
CVSS 7.0
CVE-2023-3635 MEDIUM
Okio 0.5.0-1.17.5, 2.0.0-RC1-3.3.9 - Denial of Service via Malformed GZIP Buffer
CVSS 5.9
CVE-2023-20006 HIGH
Cisco Firepower/ASA SSL/TLS Traffic Processing DoS
CVSS 8.6
CVE-2023-29346 HIGH
Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Elevation of Privilege via NTFS Incorrect Numeric Type Conversion
CVSS 7.8
CVE-2023-24884 HIGH
Microsoft PostScript and PCL6 Class Printer Driver - RCE
CVSS 8.8
CVE-2023-0185 MEDIUM
NVIDIA GPU Display Driver - Info Disclosure
CVSS 6.7
CVE-2023-23401 HIGH
Windows Media - Remote Code Execution via Incorrect Numeric Type Conversion
CVSS 7.8
CVE-2023-23388 HIGH
Windows Bluetooth Driver - Privilege Escalation
CVSS 8.8
CVE-2023-21736 HIGH
Microsoft Office Visio - Remote Code Execution via Numeric Type Conversion
CVSS 7.8
CVE-2022-43663 HIGH
WellinTech KingHistorian <35.01.00.05 - Buffer Overflow
CVSS 8.1
CVE-2022-34680 MEDIUM
NVIDIA GPU Display Driver >=390 <390.157 - Denial of Service via Integer Truncation
CVSS 5.5
CVE-2022-34677 MEDIUM
NVIDIA GPU Display Driver >=390 <390.157 - Denial of Service or Data Tampering via Integer Truncation
CVSS 5.5
CVE-2022-34670 HIGH
NVIDIA GPU Display Driver >=390 <390.157 - Denial of Service or Information Disclosure via Numeric Type Conversion
CVSS 7.8
CVE-2022-40225 MEDIUM
SIPLUS TIM 1531 IRC Firmware < 2.4.8 - Denial of Service via Floating Point Exception
CVSS 6.5
CVE-2022-42324 MEDIUM
Xen - Denial of Service via Oxenstored 32->31 Bit Integer Truncation
CVSS 5.5
CVE-2022-40138 CRITICAL
Facebook Hermes < 2022-09-27 - Remote Code Execution via Integer Conversion Error
CVSS 9.8
CVE-2022-36025 CRITICAL
Besu <22.7.1 - Incorrect Conversion
CVSS 9.1
CVE-2022-2639 HIGH
Openvswitch kernel module - Memory Corruption
CVSS 7.8
CVE-2022-34169 HIGH
Apache Xalan <2.7.3 - Code Injection
CVSS 7.5
CVE-2022-27189 HIGH
F5 BIG-IP <16.1.2.2, 15.1.5.1, 14.1.4.6, 13.1.5, 12.1.x, 11.6.x - I...
CVSS 7.5
CVE-2022-0322 MEDIUM
Linux Kernel < 5.15 - Denial of Service via SCTP Buffer Overflow in sctp_make_strreset_req
CVSS 5.5
CVE-2022-27882 HIGH
OpenBSD 6.9-7.0 - Heap-Based Buffer Overflow in slaacd via IPv6 Router Advertisement
CVSS 7.5
Details
Vulnerabilities 116
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits