CWE-190 · Integer Overflow or Wraparound
3222 CVEs classified under CWE-190 (Integer Overflow or Wraparound). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-4689 | Critical | 10.0 | 2026-03-24 | Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34… |
CVE-2025-64721 | Critical | 10.0 | 2025-12-11 | Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.6 and below, the SYSTEM-level servic… |
CVE-2026-33642 | Critical | 9.9 | 2026-05-19 | Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validatio… |
CVE-2020-27484 | Critical | 9.9 | 2020-11-16 | Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the at… |
CVE-2026-47291 | Critical | 9.8 | 2026-06-09 | Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. |
CVE-2026-46039 | Critical | 9.8 | 2026-05-27 | In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rx… |
CVE-2026-48691 | Critical | 9.8 | 2026-05-26 | FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the IPv4UnicastAnnounce… |
CVE-2026-8631 | Critical | 9.8 | 2026-05-20 | A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of priv… |
CVE-2026-8956 | Critical | 9.8 | 2026-05-19 | Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
CVE-2026-42217 | Critical | 9.8 | 2026-05-07 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions… |
CVE-2026-31649 | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementatio… |
CVE-2026-31633 | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's… |
CVE-2026-20889 | Critical | 9.8 | 2026-04-07 | A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead t… |
CVE-2026-30909 | Critical | 9.8 | 2026-03-08 | Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcm_encrypt_afternm and seal functions do not che… |
CVE-2026-2781 | Critical | 9.8 | 2026-02-24 | Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Fir… |
CVE-2026-2774 | Critical | 9.8 | 2026-02-24 | Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunder… |
CVE-2026-2762 | Critical | 9.8 | 2026-02-24 | Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbir… |
CVE-2026-24830 | Critical | 9.8 | 2026-01-27 | Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2. |
CVE-2025-14308 | Critical | 9.8 | 2025-12-09 | An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length… |
CVE-2025-27918 | Critical | 9.8 | 2025-11-06 | An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and… |