CWE-191: CWE-191
Yearly Trend
Top Affected Vendors
All CWE-191 CVEs (121)
A heap buffer overflow vulnerability in CryptoLib's SDLS-EP implementation allows attackers to craft malicious frames that cause negative payload leng...
Apr 1, 2025A heap buffer overflow vulnerability in CryptoLib's Crypto_TC_ApplySecurity() function allows attackers to craft malicious Telecommand frames that cau...
Mar 17, 2025CVE-2018-9388 is a critical memory corruption vulnerability in STMicroelectronics touchscreen drivers for Android devices. It allows attackers to exec...
Dec 5, 2024This critical vulnerability in Windows TCP/IP stack allows remote attackers to execute arbitrary code without authentication by sending specially craf...
Aug 13, 2024CVE-2024-38074 is a critical remote code execution vulnerability in Windows Remote Desktop Licensing Service that allows unauthenticated attackers to ...
Jul 9, 2024This vulnerability is an integer underflow in Chrome's WebUI that allows remote attackers to trigger heap corruption via malicious files. It affects G...
Jan 24, 2024This critical vulnerability in Accusoft ImageGear allows attackers to execute arbitrary code by tricking users into opening specially crafted maliciou...
Sep 25, 2023This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General M...
Jun 14, 2023This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General M...
Apr 11, 2023This is a critical Remote Procedure Call Runtime vulnerability that allows unauthenticated attackers to execute arbitrary code remotely on affected Wi...
Mar 14, 2023CVE-2021-40589 is an integer underflow vulnerability in ZAngband's zangband-data 2.7.5 that occurs when processing bitmap file headers. This allows at...
Jun 8, 2022CVE-2021-1920 is an integer underflow vulnerability in Qualcomm Snapdragon chipsets' RTCP packet handling that allows remote code execution. Attackers...
Sep 8, 2021CVE-2021-21811 is a critical heap buffer overflow vulnerability in Xmill 0.7's XML parser that allows memory corruption via specially crafted XML file...
Aug 31, 2021This vulnerability in the bam crate for Rust allows integer underflow and out-of-bounds write during bgzip block loading. Attackers can exploit this t...
Mar 5, 2021This CVE describes an integer underflow vulnerability in accel-ppp's RADIUS packet processing that allows arbitrary code execution when an attacker-co...
Feb 1, 2021This vulnerability allows integer underflow in Qualcomm Snapdragon audio processing, potentially leading to out-of-bounds memory access. Attackers cou...
Jan 21, 2021An integer underflow vulnerability in Honeywell Experion PKS and OneWireless WDM's Control Data Access component allows attackers to manipulate commun...
Jul 10, 2025CVE-2024-57823 is an integer underflow vulnerability in the Raptor RDF Syntax Library's turtle parser that can lead to memory corruption when processi...
Jan 10, 2025CVE-2024-10838 is an integer underflow vulnerability in Eclipse Cyclone DDS during deserialization that allows unauthenticated attackers to read out-o...
Mar 12, 2025This vulnerability allows remote attackers to execute arbitrary code on XnSoft XnView Classic installations by tricking users into opening malicious R...
Dec 12, 2024This vulnerability in Microsoft ODBC Driver for SQL Server allows remote attackers to execute arbitrary code on affected systems by sending specially ...
Apr 9, 2024This vulnerability in Microsoft WDAC OLE DB provider for SQL Server allows remote attackers to execute arbitrary code on affected systems by sending s...
Apr 9, 2024This vulnerability in the Windows Bluetooth A2DP driver allows an attacker to gain SYSTEM-level privileges on affected systems. It affects Windows dev...
Aug 8, 2023This vulnerability allows attackers to exploit Microsoft PostScript and PCL6 Class Printer Drivers to gain SYSTEM-level privileges on Windows systems....
Mar 14, 2023This vulnerability allows remote attackers to execute arbitrary code on systems using Microsoft PostScript and PCL6 Class Printer Drivers. Attackers c...
Feb 14, 2023CVE-2021-20240 is an integer overflow vulnerability in gdk-pixbuf's GIF image parser that allows out-of-bounds writes when processing malicious GIF fi...
May 28, 2021An integer underflow vulnerability in catdoc's OLE Document DIFAT parser allows heap-based memory corruption when processing specially crafted files. ...
Jun 2, 2025This vulnerability allows memory corruption in Qualcomm's multimedia framework due to integer overflow when synx bind is called with synx signal. It a...
Apr 13, 2023This CVE describes an integer underflow vulnerability in the 6LoWPAN IPHC header uncompression functionality in Zephyr RTOS. An attacker could exploit...
Oct 12, 2021A vulnerability in Yokogawa's Vnet/IP Interface Package allows attackers to cause denial of service or execute arbitrary code by sending maliciously c...
Feb 13, 2026An integer underflow vulnerability in wolfSSL's XChaCha20-Poly1305 decryption function allows attackers to cause out-of-bounds memory access when proc...
Nov 21, 2025This CVE describes an integer underflow vulnerability in Honeywell Experion PKS Control Data Access (CDA) component. Attackers can manipulate input da...
Jul 10, 2025A buffer overflow vulnerability in the parallel HNSW index build functionality of pgvector allows authenticated database users to read sensitive data ...
Feb 25, 2026This vulnerability in strongSwan's eap-mschapv2 plugin allows a malicious EAP-MSCHAPv2 server to trigger an integer underflow and heap-based buffer ov...
Jan 16, 2026CVE-2022-28733 is an integer underflow vulnerability in GRUB2's network stack that allows remote attackers to cause buffer overflow via specially craf...
Jul 20, 2023This vulnerability allows attackers to bypass Secure Boot protections on affected systems, potentially enabling them to load and execute unauthorized ...
Jul 9, 2024Substance3D Stager versions 3.1.5 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user opens a...
Nov 11, 2025Adobe Illustrator on iPad versions 3.0.9 and earlier contain an integer underflow vulnerability that could allow attackers to execute arbitrary code w...
Nov 11, 2025Adobe Illustrator on iPad versions 3.0.9 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user ...
Nov 11, 2025This CVE describes an integer underflow vulnerability in Adobe Illustrator that could allow arbitrary code execution when a user opens a malicious fil...
Jul 8, 2025Adobe Bridge versions 15.0.3, 14.1.6 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user open...
May 13, 2025An integer underflow vulnerability in Adobe Animate allows arbitrary code execution when a user opens a malicious file. This affects users of Adobe An...
May 13, 2025Adobe Illustrator versions 29.1, 28.7.3 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user o...
Feb 11, 2025An integer underflow vulnerability in Adobe InCopy allows arbitrary code execution when a user opens a malicious file. This affects users of InCopy ve...
Feb 11, 2025An integer underflow vulnerability in Adobe InDesign allows arbitrary code execution when a user opens a malicious file. This affects users of InDesig...
Feb 11, 2025Adobe Animate versions 24.0.6, 23.0.9 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user ope...
Jan 14, 2025Adobe Illustrator on iPad versions 3.0.7 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user ...
Jan 14, 2025Adobe Illustrator on iPad versions 3.0.7 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user ...
Jan 14, 2025Adobe Photoshop Desktop versions 25.12, 26.1 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a u...
Jan 14, 2025CVE-2024-53955 is an integer underflow vulnerability in Adobe Bridge that could allow arbitrary code execution when a user opens a malicious file. Thi...
Dec 10, 2024About CWE-191 (CWE-191)
Our database tracks 121 CVEs classified as CWE-191, with 19 rated critical and 74 rated high severity. The average CVSS score for CWE-191 vulnerabilities is 7.6.
External reference: View CWE-191 on MITRE CWE →
Monitor CWE-191 Vulnerabilities
Get alerted when new CWE-191 CVEs affect your infrastructure.
Start Monitoring Free