CWE-189
28 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-189
- CVE-2014-10375 | HIGH | CVSS 7.5 | EG 7.5 | 2019-08-14
handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header.
- CVE-2016-10490 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205,…
- CVE-2016-10714 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-02-27
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
- CVE-2019-1010294 | HIGH | CVSS 7.5 | EG 7.5 | 2019-07-15
Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later.
- CVE-2019-11837 | HIGH | CVSS 7.5 | EG 7.5 | 2019-05-09
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
- CVE-2019-5755 | HIGH | CVSS 8.1 | EG 8.1 | 2019-02-19
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
- CVE-2019-7308 | MEDIUM | CVSS 5.6 | EG 5.6 | 2019-02-01
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to sid…
- CVE-2020-6111 | HIGH | CVSS 7.5 | EG 7.5 | 2020-12-03
An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Seri…
- CVE-2022-3970 | MEDIUM | CVSS 6.3 | EG 9.8 | 2022-11-13
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack r…
- CVE-2022-4202 | MEDIUM | CVSS 6.3 | EG 8.8 | 2022-11-29
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible…
- CVE-2025-15534 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-01-18
A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environm…
- CVE-2025-2174 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-03-11
A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to inte…
- CVE-2025-2175 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-03-11
A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit ha…
- CVE-2025-2176 | HIGH | CVSS 7.3 | EG 7.3 | 2025-03-11
A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the atta…
- CVE-2025-2177 | HIGH | CVSS 7.3 | EG 7.3 | 2025-03-11
A vulnerability classified as critical was found in libzvbi up to 0.2.43. This vulnerability affects the function vbi_search_new of the file src/search.c. The manipulation of the argument pat_len leads to integer overflow. The attack can b…
- CVE-2025-2581 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-03-21
A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launc…
- CVE-2025-3408 | MEDIUM | CVSS 6.3 | EG 6.3 | 2025-04-08
A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continuous deli…
- CVE-2025-5001 | LOW | CVSS 3.3 | EG 3.3 | 2025-05-20
A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to in…
- CVE-2025-6603 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-06-25
A vulnerability was found in coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e. It has been rated as problematic. Affected by this issue is the function qcow_make_empty of the file qCUDA/qcu-device/block/qcow.c. The manipul…
- CVE-2025-9688 | MEDIUM | CVSS 5.0 | EG 5.0 | 2025-08-30
A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function write_is_viewer of the file src/device/cart/is_viewer.c. The manipulation leads to integer overflow. It is possible to initiate the…
- CVE-2026-10268 | LOW | CVSS 3.3 | EG 3.3 | 2026-06-01
A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file sr…
- CVE-2026-10722 | LOW | CVSS 3.3 | EG 3.3 | 2026-06-03
A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to in…
- CVE-2026-5476 | MEDIUM | CVSS 4.6 | EG 4.6 | 2026-04-03
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation leads to integer overflow. The complexi…
- CVE-2026-6192 | LOW | CVSS 3.3 | EG 3.3 | 2026-04-13
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. T…
- CVE-2026-7598 | HIGH | CVSS 7.3 | EG 7.3 | 2026-05-01
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. T…
- CVE-2026-7736 | HIGH | CVSS 7.3 | EG 7.3 | 2026-05-04
A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the …
- CVE-2026-8275 | LOW | CVSS 3.7 | EG 3.7 | 2026-05-11
A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogod_ipp_primitives.go of the component zerogod IPP Service. Performing a manipulation…
- CVE-2026-8276 | LOW | CVSS 3.7 | EG 3.7 | 2026-05-11
A flaw has been found in bettercap up to 2.41.5. Affected by this issue is some unknown functionality of the file modules/mysql_server/mysql_server.go of the component MySQL Server. Executing a manipulation can lead to integer coercion err…