CWE-190— Integer Overflow or Wraparound
2,792 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-190page 7 of 56
- CVE-2018-12362HIGHCVSS 8.8EG 8.82018-10-18
An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Fi…
- CVE-2018-12371HIGHCVSS 8.8EG 8.82020-07-09
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This …
- CVE-2018-12393HIGHCVSS 7.5EG 7.52019-02-28
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible…
- CVE-2018-12447HIGHCVSS 8.8EG 8.82018-06-15
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution.
- CVE-2018-12511HIGHCVSS 7.5EG 7.52018-09-21
In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily.
- CVE-2018-12617HIGHCVSS 7.5EG 7.52018-06-21
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memor…
- CVE-2018-12842MEDIUMCVSS 5.5EG 5.52018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
- CVE-2018-12881MEDIUMCVSS 5.5EG 5.52018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
- CVE-2018-12896MEDIUMCVSS 5.5EG 5.52018-07-02
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the over…
- CVE-2018-13041HIGHCVSS 7.5EG 7.52018-07-01
The mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13053LOWCVSS 3.3EG 3.32018-07-02
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
- CVE-2018-13068HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for AzurionToken (AZU), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13069HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13070HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13071HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for CCindex10 (T10), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13072HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Coffeecoin (COFFEE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13073HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13074HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for FIBToken (FIB), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13075HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Carbon Exchange Coin Token (CEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13076HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Betcash (BC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13077HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for CTB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13078HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Jitech (JTH), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13079HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for GoodTo (GTO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13080HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Goutex (GTX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13081HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for GZS Token (GZS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13082HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for MODI Token (MODI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13083HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Plaza Token (PLAZA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13084HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Good Time Coin (GTY), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13085HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for FreeCoin (FREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13086HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13087HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Coinstar (CSTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13088HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Futures Pease (FP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13089HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Universal Coin (UCOIN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13090HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for YiTongCoin (YTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13091HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for sumocoin (SUMO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13092HIGHCVSS 7.5EG 7.52018-07-03
The mintToken function of a smart contract implementation for Reimburse Token (REIM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13113HIGHCVSS 7.5EG 7.52018-07-03
The transfer and transferFrom functions of a smart contract implementation for Easy Trading Token (ETT), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
- CVE-2018-13126HIGHCVSS 7.5EG 7.52018-07-04
MoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
- CVE-2018-13127HIGHCVSS 7.5EG 7.52018-07-04
SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
- CVE-2018-13128HIGHCVSS 7.5EG 7.52018-07-04
Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
- CVE-2018-13129HIGHCVSS 7.5EG 7.52018-07-04
SP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
- CVE-2018-13130HIGHCVSS 7.5EG 7.52018-07-04
Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
- CVE-2018-13131HIGHCVSS 7.5EG 7.52018-07-04
SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
- CVE-2018-13132HIGHCVSS 7.5EG 7.52018-07-04
Spadeico is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
- CVE-2018-13144HIGHCVSS 7.5EG 7.52018-07-04
The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
- CVE-2018-13145HIGHCVSS 7.5EG 7.52018-07-04
The mintToken function of a smart contract implementation for JavaSwapTest (JST), an Ethereum token, has an integer overflow.
- CVE-2018-13146HIGHCVSS 7.5EG 7.52018-07-04
The mintToken, buy, and sell functions of a smart contract implementation for LEF, an Ethereum token, have an integer overflow.
- CVE-2018-13155HIGHCVSS 7.5EG 7.52018-07-05
The mintToken function of a smart contract implementation for GEMCHAIN (GEM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13156HIGHCVSS 7.5EG 7.52018-07-05
The mintToken function of a smart contract implementation for bonusToken (BNS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
- CVE-2018-13157HIGHCVSS 7.5EG 7.52018-07-05
The mintToken function of a smart contract implementation for CryptonitexCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Map vulnerabilities like CWE-190 to your infrastructure
EchelonGraph correlates every CVE — across CWE-190 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →