CWE-195
16 CVEs classified under CWE-195. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-49847 | High | 8.8 | 2025-06-17 | llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in l… |
CVE-2011-3045 | High | 8.8 | 2012-03-22 | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other product… |
CVE-2025-52566 | High | 8.6 | 2025-06-24 | llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer impl… |
CVE-2016-6560 | High | 8.6 | 2017-03-31 | illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash. |
CVE-2022-43663 | High | 8.1 | 2023-03-20 | An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network pa… |
CVE-2020-6096 | High | 8.1 | 2020-04-01 | An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that util… |
CVE-2023-33034 | High | 7.8 | 2023-10-03 | Memory corruption while parsing the ADSP response command. |
CVE-2023-5184 | High | 7.0 | 2023-09-27 | Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. |
CVE-2023-28063 | Medium | 6.7 | 2024-02-06 | Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit t… |
CVE-2026-26981 | Medium | 6.5 | 2026-02-24 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3… |
CVE-2025-30646 | Medium | 6.5 | 2025-04-09 | A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS E… |
CVE-2023-3635 | Medium | 5.9 | 2023-07-12 | GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when h… |
CVE-2025-67897 | Medium | 5.3 | 2025-12-14 | In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an applica… |
CVE-2025-24792 | Medium | 4.4 | 2025-01-29 | Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects (PDO) extension to connect to the Snowflake database. Snowflake discovered and remediated a… |
CVE-2026-41682 | | 2026-05-08 | pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port… | |
CVE-2020-1913 | | 2020-09-09 | An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause… |