CWE-191 · Integer Underflow
470 CVEs classified under CWE-191 (Integer Underflow). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-37534 | Critical | 9.8 | 2026-05-01 | Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_T… |
CVE-2025-52471 | Critical | 9.8 | 2025-06-24 | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol impleme… |
CVE-2025-30356 | Critical | 9.8 | 2025-04-01 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between… |
CVE-2025-29913 | Critical | 9.8 | 2025-03-17 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between… |
CVE-2025-29912 | Critical | 9.8 | 2025-03-17 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between… |
CVE-2025-29909 | Critical | 9.8 | 2025-03-17 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between… |
CVE-2024-47606 | Critical | 9.8 | 2024-12-12 | GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extens… |
CVE-2018-9388 | Critical | 9.8 | 2024-12-05 | In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. T… |
CVE-2024-38063 | Critical | 9.8 | 2024-08-13 | Windows TCP/IP Remote Code Execution Vulnerability |
CVE-2024-38074 | Critical | 9.8 | 2024-07-09 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
CVE-2024-23313 | Critical | 9.8 | 2024-02-20 | An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially… |
CVE-2024-0808 | Critical | 9.8 | 2024-01-24 | Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chro… |
CVE-2023-32653 | Critical | 9.8 | 2023-09-25 | An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead… |
CVE-2023-38427 | Critical | 9.8 | 2023-07-18 | An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_co… |
CVE-2023-32014 | Critical | 9.8 | 2023-06-14 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
CVE-2023-28250 | Critical | 9.8 | 2023-04-11 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
CVE-2023-21708 | Critical | 9.8 | 2023-03-14 | Remote Procedure Call Runtime Remote Code Execution Vulnerability |
CVE-2022-4338 | Critical | 9.8 | 2023-01-10 | An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. |
CVE-2021-40589 | Critical | 9.8 | 2022-06-08 | ZAngband zangband-data 2.7.5 is affected by an integer underflow vulnerability in src/tk/plat.c through the variable fileheader.bfOffBits. |
CVE-2021-1920 | Critical | 9.8 | 2021-09-08 | Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu… |