CWE-191— Integer Underflow
412 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-191page 2 of 9
- CVE-2019-13602HIGHCVSS 7.8EG 7.82019-07-14
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified o…
- CVE-2019-14083CRITICALCVSS 9.8EG 9.82020-03-05
While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is specified in the attribute length field of extended SSI which can lead to integer underflow in Snapdragon Au…
- CVE-2019-14085HIGHCVSS 7.8EG 7.82020-03-05
Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap…
- CVE-2019-14192CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.
- CVE-2019-14199CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.
- CVE-2019-14523HIGHCVSS 7.8EG 7.82019-08-02
An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c.
- CVE-2019-14532CRITICALCVSS 9.8EG 9.82019-08-02
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table.
- CVE-2019-15791HIGHCVSS 7.1EG 7.12020-04-24
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to t…
- CVE-2019-16160HIGHCVSS 7.5EG 7.52020-10-07
An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.
- CVE-2019-1628MEDIUMCVSS 5.5EG 5.52019-06-20
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition on an affected device. The vulnerab…
- CVE-2019-16535CRITICALCVSS 9.8EG 9.82019-12-30
In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol.
- CVE-2019-20590CRITICALCVSS 9.8EG 9.82020-03-24
An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 (July 2019).
- CVE-2019-2187MEDIUMCVSS 5.5EG 5.52019-10-11
In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed…
- CVE-2019-2244CRITICALCVSS 9.8EG 9.82019-05-24
Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C…
- CVE-2019-2245CRITICALCVSS 9.8EG 9.82019-05-24
Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Con…
- CVE-2019-2297HIGHCVSS 7.8EG 7.82019-11-21
Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice …
- CVE-2019-2307CRITICALCVSS 9.8EG 9.82019-07-25
Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I…
- CVE-2019-5099HIGHCVSS 7.8EG 7.82019-11-06
An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially c…
- CVE-2019-5144HIGHCVSS 8.1EG 8.82019-12-12
An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An a…
- CVE-2019-5148HIGHCVSS 7.5EG 7.52020-02-25
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmappe…
- CVE-2019-5459HIGHCVSS 7.1EG 7.12019-07-30
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
- CVE-2019-9133MEDIUMCVSS 5.5EG 5.52019-04-09
When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by entici…
- CVE-2019-9183HIGHCVSS 7.5EG 7.52020-04-23
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This res…
- CVE-2019-9755HIGHCVSS 7.0EG 7.02019-06-05
An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting …
- CVE-2020-11208HIGHCVSS 7.8EG 7.82020-11-12
Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, S…
- CVE-2020-11906MEDIUMCVSS 6.3EG 6.32020-06-17
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
- CVE-2020-11909MEDIUMCVSS 5.3EG 5.32020-06-17
The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.
- CVE-2020-1239HIGHCVSS 8.8EG 8.82020-06-09
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1238.
- CVE-2020-1400HIGHCVSS 7.8EG 7.82020-07-14
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407.
- CVE-2020-14346HIGHCVSS 7.8EG 7.82020-09-15
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confi…
- CVE-2020-14361HIGHCVSS 7.8EG 7.82020-09-15
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality an…
- CVE-2020-14362HIGHCVSS 7.8EG 7.82020-09-15
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality an…
- CVE-2020-14378LOWCVSS 3.3EG 3.32020-09-30
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294…
- CVE-2020-14699HIGHCVSS 7.5EG 7.52020-07-15
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high pri…
- CVE-2020-15158HIGHCVSS 7.7EG 7.72020-08-26
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even t…
- CVE-2020-15900CRITICALCVSS 9.8EG 9.82020-07-28
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too…
- CVE-2020-16273HIGHCVSS 7.8EG 7.82020-11-12
In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used …
- CVE-2020-17395HIGHCVSS 8.2EG 8.22020-08-25
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploi…
- CVE-2020-2031MEDIUMCVSS 4.9EG 4.92020-07-08
An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated …
- CVE-2020-24370MEDIUMCVSS 5.3EG 5.32020-08-17
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
- CVE-2020-24837HIGHCVSS 7.5EG 7.52021-02-10
An integer underflow has been found in the latest version of ZCFees. The variables 'currPeriodIdx' and 'lastPeriodExecIdx' are both unsigned integers, and the result of the minus operation may be a negative integer which leads to an underf…
- CVE-2020-28194CRITICALCVSS 9.8EG 9.82021-02-01
Variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute with length field is less than 2. It has an impact only when the attacker controls the RADIUS server, which can lead to arbitrary code…
- CVE-2020-36221HIGHCVSS 7.5EG 7.52021-01-26
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
- CVE-2020-36228HIGHCVSS 7.5EG 7.52021-01-26
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.
- CVE-2020-3634CRITICALCVSS 9.1EG 9.12020-09-09
u'Multiple Read overflows issue due to improper length check while decoding Generic NAS transport/EMM info' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables…
- CVE-2020-3675CRITICALCVSS 9.8EG 9.82020-09-08
u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdrag…
- CVE-2020-3691CRITICALCVSS 9.8EG 9.82021-01-21
Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, S…
- CVE-2020-6096HIGHCVSS 8.1EG 8.12020-04-01
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter …
- CVE-2020-6098HIGHCVSS 7.5EG 7.52020-07-28
An exploitable denial of service vulnerability exists in the freeDiameter functionality of freeDiameter 1.3.2. A specially crafted Diameter request can trigger a memory corruption resulting in denial-of-service. An attacker can send a mali…
- CVE-2020-8174HIGHCVSS 8.1EG 8.12020-07-24
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
Map vulnerabilities like CWE-191 to your infrastructure
EchelonGraph correlates every CVE — across CWE-191 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →