CWE-190— Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.— MITRE CWE catalog
2,938 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-190page 25 of 59
- CVE-2020-12826MEDIUMCVSS 5.3EG 5.32020-05-12
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. …
- CVE-2020-12829LOWCVSS 3.8EG 3.82020-08-31
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker co…
- CVE-2020-12887HIGHCVSS 7.5EG 7.52020-06-18
Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoA…
- CVE-2020-13434MEDIUMCVSS 5.5EG 5.52020-05-24
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
- CVE-2020-13546HIGHCVSS 7.8EG 7.82021-02-10
In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1014), a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will…
- CVE-2020-13576CRITICALCVSS 9.8EG 9.82021-02-10
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerabilit…
- CVE-2020-13579HIGHCVSS 7.8EG 7.82021-02-04
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may…
- CVE-2020-13603MEDIUMCVSS 6.9EG 6.92021-05-25
Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc…
- CVE-2020-13822HIGHCVSS 7.7EG 7.72020-06-04
The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single ca…
- CVE-2020-13974HIGHCVSS 7.8EG 7.82020-06-09
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overf…
- CVE-2020-13985HIGHCVSS 7.5EG 7.52020-12-11
An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
- CVE-2020-13988HIGHCVSS 7.5EG 7.52020-12-11
An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.
- CVE-2020-13999MEDIUMCVSS 5.5EG 5.52020-06-15
ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file.
- CVE-2020-14147HIGHCVSS 7.7EG 7.72020-06-15
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) o…
- CVE-2020-14155MEDIUMCVSS 5.3EG 5.32020-06-15
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
- CVE-2020-14308MEDIUMCVSS 6.4EG 6.42020-07-29
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possi…
- CVE-2020-14309MEDIUMCVSS 6.7EG 6.72020-07-30
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation…
- CVE-2020-14310MEDIUMCVSS 5.7EG 5.72020-07-31
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from t…
- CVE-2020-14311MEDIUMCVSS 5.7EG 5.72020-07-31
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation wi…
- CVE-2020-14344MEDIUMCVSS 6.7EG 6.72020-08-05
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions wh…
- CVE-2020-14346HIGHCVSS 7.8EG 7.82020-09-15
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confi…
- CVE-2020-14361HIGHCVSS 7.8EG 7.82020-09-15
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality an…
- CVE-2020-14362HIGHCVSS 7.8EG 7.82020-09-15
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality an…
- CVE-2020-14363HIGHCVSS 7.8EG 7.82020-09-11
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The h…
- CVE-2020-14378LOWCVSS 3.3EG 3.32020-09-30
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294…
- CVE-2020-14401MEDIUMCVSS 6.5EG 6.52020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
- CVE-2020-14409HIGHCVSS 7.8EG 7.82021-01-19
SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.
- CVE-2020-15103LOWCVSS 3.5EG 3.52020-07-27
In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates…
- CVE-2020-15137MEDIUMCVSS 5.5EG 5.52020-08-12
All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on the host, or can cause the kernel to cr…
- CVE-2020-15588CRITICALCVSS 9.8EG 9.82020-07-29
An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based …
- CVE-2020-15707MEDIUMCVSS 5.7EG 5.72020-07-29
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-…
- CVE-2020-15974HIGHCVSS 8.8EG 8.82020-11-03
Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
- CVE-2020-15975HIGHCVSS 8.8EG 8.82020-11-03
Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-15986MEDIUMCVSS 6.5EG 6.52020-11-03
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16040MEDIUMCVSS 6.5EG 6.52021-01-08
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16124HIGHCVSS 7.3EG 7.32020-10-13
Integer Overflow or Wraparound vulnerability in the XML RPC library of OpenRobotics ros_comm communications packages allows unauthenticated network traffic to cause unexpected behavior. This issue affects: OpenRobotics ros_comm communicati…
- CVE-2020-1634HIGHCVSS 7.5EG 7.52020-04-08
On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in a chassis may reset causing a Denial o…
- CVE-2020-17360HIGHCVSS 7.8EG 7.82020-08-12
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks…
- CVE-2020-17396HIGHCVSS 8.8EG 8.82020-08-25
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this …
- CVE-2020-17442HIGHCVSS 7.5EG 7.52020-12-11
An issue was discovered in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result in Integer Wraparound. Therefore, a crafted extension …
- CVE-2020-17443HIGHCVSS 7.5EG 7.52020-12-11
An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than t…
- CVE-2020-17444HIGHCVSS 7.5EG 7.52020-12-11
An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension length field would overflow. Therefore, if it…
- CVE-2020-17752CRITICALCVSS 9.8EG 9.82021-06-24
Integer overflow vulnerability in payable function of a smart contract implementation for an Ethereum token, as demonstrated by the smart contract implemented at address 0xB49E984A83d7A638E7F2889fc8328952BA951AbE, an implementation for Mil…
- CVE-2020-18684CRITICALCVSS 9.8EG 9.82021-09-30
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number.
- CVE-2020-1895HIGHCVSS 7.8EG 7.82020-04-09
A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128.
- CVE-2020-19490MEDIUMCVSS 5.5EG 5.52021-07-21
tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
- CVE-2020-19497HIGHCVSS 8.8EG 8.82021-07-21
Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
- CVE-2020-19909LOWCVSS 3.3EG 9.82023-08-22
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service…
- CVE-2020-20335HIGHCVSS 7.5EG 7.52023-06-20
Buffer Overflow vulnerability in Antirez Kilo before commit 7709a04ae8520c5b04d261616098cebf742f5a23 allows a remote attacker to cause a denial of service via the editorUpdateRow function in kilo.c.
- CVE-2020-20898HIGHCVSS 8.8EG 8.82021-09-20
Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
Map vulnerabilities like CWE-190 to your infrastructure
EchelonGraph correlates every CVE — across CWE-190 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →