CWE-190: Integer Overflow

This CVE describes an integer overflow vulnerability in Das U-Boot's squashfs filesystem handling. When processing a specially crafted squashfs filesy...

Integer overflow vulnerabilities in Das U-Boot's memory allocation functions allow attackers to cause heap corruption via specially crafted squashfs f...

This vulnerability in lrzsz (a file transfer tool) allows information leakage to the receiving side due to an integer overflow in the zsdata function....

This CVE describes an integer overflow vulnerability in TensorFlow's TFLite component. An attacker can craft a malicious machine learning model that c...

This CVE describes an integer overflow vulnerability in Redis that allows authenticated users to execute specially crafted Lua scripts, potentially le...

This CVE describes integer overflow vulnerabilities in GTKWave's VZT file parser that can lead to memory corruption when processing specially crafted ...

This CVE describes integer overflow vulnerabilities in GTKWave's VZT file parser that can lead to memory corruption when processing specially crafted ...

An integer overflow vulnerability in GTKWave's FST file parser allows memory corruption when processing malicious .fst files. This affects users who o...

An integer overflow vulnerability in GTKWave's FST_BL_GEOM parser allows memory corruption when processing malicious .fst files. This affects users wh...

This vulnerability allows an attacker to gain SYSTEM-level privileges on Windows systems by exploiting an integer overflow in the PPPoE driver. It aff...

This CVE describes an integer overflow vulnerability in libexpat's doContent function that can lead to buffer overflow during XML parsing. Attackers c...

This CVE describes an integer overflow vulnerability (CWE-190) in Qualcomm partition handling that could allow memory corruption when calculating offs...

CVE-2024-26184 is a Secure Boot security feature bypass vulnerability that allows attackers to circumvent Secure Boot protections on affected systems....

This vulnerability in the Windows Mobile Broadband Driver allows an attacker to execute arbitrary code remotely by sending specially crafted packets t...

This vulnerability in the Windows Mobile Broadband Driver allows an attacker to execute arbitrary code remotely by sending specially crafted packets t...

This CVE describes an integer overflow vulnerability in dpe (likely a MediaTek component) that could lead to memory corruption. An attacker with Syste...

CVE-2025-20807 is an integer overflow vulnerability in dpe that leads to out-of-bounds write, allowing local privilege escalation. Attackers with Syst...

This CVE describes an integer overflow vulnerability in the lwis_test_register_io function of lwis_device_test.c that leads to an out-of-bounds write....

This CVE describes an integer overflow vulnerability in Huawei's partition module where insufficient data length verification allows attackers to caus...

This vulnerability allows local privilege escalation on Android devices through an integer overflow in the RIL component. Attackers with system execut...

This vulnerability allows attackers to bypass security features in Windows Resume Extensible Firmware Interface (Resume EFI) during system resume oper...

This CVE describes a memory corruption vulnerability in Qualcomm components where sending excessive scan frequency lists or channels from user space c...

This CVE describes an integer overflow vulnerability in Android's fdt.c that could allow local privilege escalation. An attacker could exploit this to...

This CVE describes an integer overflow vulnerability in MediaTek battery management components that could allow local privilege escalation. Attackers ...

This vulnerability in vsftpd allows a remote authenticated attacker to cause a denial of service (DoS) by sending a specially crafted STAT command tha...

A heap buffer overflow vulnerability in PHP's array_merge() function allows memory corruption when merging large packed arrays. This affects PHP serve...

An integer overflow vulnerability in the Bluetooth Host stack's bt_br_acl_recv routine allows attackers to trigger memory corruption when processing B...

This vulnerability in GLib's GIO component allows heap buffer overflow and denial-of-service via integer overflow when processing malicious file attri...

An integer overflow vulnerability in FreeImage's PSD parser allows attackers to cause Denial of Service by supplying a specially crafted PSD file. Thi...

CVE-2025-63938 is an integer overflow vulnerability in Tinyproxy's strip_return_port() function that could allow remote attackers to cause a denial of...

This vulnerability in the Russh SSH library allows integer overflow when processing SSH channel window adjust messages, potentially causing a denial-o...

A vulnerability in nbdkit's blocksize filter allows denial of service when clients request block status information for excessively large data ranges....

A signed 64-bit integer overflow vulnerability in iputils ping allows denial of service through crafted ICMP Echo Reply packets. This can cause ping t...

This CVE describes an integer overflow vulnerability in multiple Apple operating systems that could allow an attacker on the local network to cause a ...

This vulnerability allows a local attacker to execute arbitrary code in pre-installed apps on OpenHarmony devices through an integer overflow. It affe...

This CVE describes an integer overflow vulnerability in the ihevcd_allocate_dynamic_bufs function of Android's HEVC decoder. An attacker could trigger...

CVE-2018-9482 is an integer overflow vulnerability in Android's Bluetooth service that allows local attackers to read memory beyond intended boundarie...

CVE-2018-9348 is an integer overflow vulnerability in Android's SMF parser that could allow remote attackers to cause denial of service through resour...

This vulnerability in Redis allows authenticated users to execute specially crafted LUA scripts that can read out-of-bounds memory or crash the server...

CVE-2024-38805 is an integer overflow vulnerability in EDK2 BIOS/UEFI firmware that can be triggered via network packets. Successful exploitation coul...

FFmpeg versions containing the vulnerable DXA demuxer in libavformat have an integer overflow vulnerability that can cause denial-of-service (DoS) or ...

CVE-2024-36617 is an integer overflow vulnerability in FFmpeg's CAF decoder that could allow attackers to cause denial of service or potentially execu...

This vulnerability in Xpdf allows attackers to cause integer overflow and divide-by-zero errors by providing malicious PDF files with very large coord...

An integer wraparound vulnerability in PostgreSQL's libpq client library allows attackers to cause undersized memory allocations leading to out-of-bou...

A buffer-underflow vulnerability in GLib's GVariant parser allows remote attackers to cause heap corruption by sending maliciously crafted input strin...

An integer overflow vulnerability in AMD Graphics drivers allows attackers to bypass size checks, potentially causing denial of service. This affects ...

CVE-2026-21354 is an integer overflow vulnerability in Adobe DNG SDK versions 1.7.1 2410 and earlier. Attackers can craft malicious DNG files that cau...

CVE-2025-64894 is an integer overflow vulnerability in DNG SDK versions 1.7.0 and earlier that allows attackers to cause denial-of-service by tricking...

This CVE describes an integer overflow vulnerability in the GNSS driver that could lead to an out-of-bounds read. If exploited by a malicious actor wi...

This CVE-2023-53661 is an integer overflow vulnerability in the bnxt_get_nvram_directory() function of the Linux kernel's Broadcom NetXtreme Ethernet ...