CWE-197
41 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-197
- CVE-2020-15202 | CRITICAL | CVSS 9.0 | EG 9.0 | 2020-09-25
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow…
- CVE-2022-34670 | HIGH | CVSS 7.8 | EG 7.8 | 2022-12-30
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in…
- CVE-2022-34676 | HIGH | CVSS 7.1 | EG 7.8 | 2022-12-30
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering.
- CVE-2022-34680 | MEDIUM | CVSS 5.5 | EG 5.5 | 2022-12-30
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
- CVE-2022-42475 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | 2023-01-02
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlie…
- CVE-2023-32143 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-03
D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentica…
- CVE-2023-35328 | HIGH | CVSS 7.8 | EG 7.8 | 2023-07-11
Windows Transaction Manager Elevation of Privilege Vulnerability
- CVE-2023-36641 | MEDIUM | CVSS 6.5 | EG 6.5 | 2023-11-14
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, F…
- CVE-2023-36710 | HIGH | CVSS 7.8 | EG 7.8 | 2023-10-10
Windows Media Foundation Core Remote Code Execution Vulnerability
- CVE-2024-21310 | HIGH | CVSS 7.8 | EG 7.8 | 2024-01-09
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- CVE-2024-21352 | HIGH | CVSS 8.8 | EG 8.8 | 2024-02-13
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- CVE-2024-21377 | MEDIUM | CVSS 5.5 | EG 7.1 | 2024-02-13
Windows DNS Information Disclosure Vulnerability
- CVE-2024-21391 | HIGH | CVSS 8.8 | EG 8.8 | 2024-02-13
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- CVE-2024-21429 | MEDIUM | CVSS 6.8 | EG 6.8 | 2024-03-12
Windows USB Hub Driver Remote Code Execution Vulnerability
- CVE-2024-21434 | HIGH | CVSS 7.8 | EG 7.8 | 2024-03-12
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
- CVE-2024-21440 | HIGH | CVSS 8.8 | EG 8.8 | 2024-03-12
Microsoft ODBC Driver Remote Code Execution Vulnerability
- CVE-2024-21451 | HIGH | CVSS 8.8 | EG 8.8 | 2024-03-12
Microsoft ODBC Driver Remote Code Execution Vulnerability
- CVE-2024-28944 | HIGH | CVSS 8.8 | EG 8.8 | 2024-04-09
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
- CVE-2024-29050 | HIGH | CVSS 8.4 | EG 8.4 | 2024-04-09
Windows Cryptographic Services Remote Code Execution Vulnerability
- CVE-2024-30009 | HIGH | CVSS 8.8 | EG 8.8 | 2024-05-14
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-30014 | HIGH | CVSS 7.5 | EG 7.5 | 2024-05-14
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-30015 | HIGH | CVSS 7.5 | EG 7.5 | 2024-05-14
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-30022 | HIGH | CVSS 7.5 | EG 7.5 | 2024-05-14
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-30023 | HIGH | CVSS 7.5 | EG 7.5 | 2024-05-14
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-30024 | HIGH | CVSS 7.5 | EG 7.5 | 2024-05-14
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-30029 | HIGH | CVSS 7.5 | EG 7.5 | 2024-05-14
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-37337 | HIGH | CVSS 7.1 | EG 7.1 | 2024-09-10
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
- CVE-2024-38044 | HIGH | CVSS 7.2 | EG 7.2 | 2024-07-09
DHCP Server Service Remote Code Execution Vulnerability
- CVE-2024-38086 | MEDIUM | CVSS 6.4 | EG 6.4 | 2024-07-09
Azure Kinect SDK Remote Code Execution Vulnerability
- CVE-2024-38125 | HIGH | CVSS 7.8 | EG 7.8 | 2024-08-13
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-43519 | HIGH | CVSS 8.8 | EG 8.8 | 2024-10-08
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- CVE-2024-43639 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-11-12
Windows KDC Proxy Remote Code Execution Vulnerability
- CVE-2024-49018 | HIGH | CVSS 8.8 | EG 8.8 | 2024-11-12
SQL Server Native Client Remote Code Execution Vulnerability
- CVE-2025-10543 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-12-02
In Eclipse Paho Go MQTT v3.1 library (paho.mqtt.golang) versions <=1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to…
- CVE-2025-49679 | HIGH | CVSS 7.8 | EG 7.8 | 2025-07-08
Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.
- CVE-2025-53723 | HIGH | CVSS 7.8 | EG 7.8 | 2025-08-12
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
- CVE-2025-6965 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-07-15
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.
- CVE-2026-40380 | MEDIUM | CVSS 6.2 | EG 6.2 | 2026-05-12
Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.
- CVE-2026-42371 | MEDIUM | CVSS 5.1 | EG 5.1 | 2026-04-27
uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.
- CVE-2026-42944 | HIGH | CVSS 7.5 | EG 7.5 | 2026-05-20
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid'…
- CVE-2026-44927 | LOW | CVSS 2.9 | EG 2.9 | 2026-05-08
In uriparser before 1.0.2, there is pointer difference truncation to int in various places.