CWE-680 · Integer Overflow to Buffer Overflow
105 CVEs classified under CWE-680 (Integer Overflow to Buffer Overflow). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-8376 | Critical | 9.8 | 2026-05-26 | Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk i… |
CVE-2025-54952 | Critical | 9.8 | 2025-08-08 | An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in… |
CVE-2024-33078 | Critical | 9.8 | 2024-05-01 | Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution. |
CVE-2022-35289 | Critical | 9.8 | 2022-10-11 | A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially… |
CVE-2021-40417 | Critical | 9.8 | 2021-12-22 | When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with t… |
CVE-2021-21832 | Critical | 9.8 | 2021-08-17 | A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can… |
CVE-2021-21783 | Critical | 9.8 | 2021-03-25 | A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote c… |
CVE-2020-13576 | Critical | 9.8 | 2021-02-10 | A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote c… |
CVE-2018-8795 | Critical | 9.8 | 2019-02-05 | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and re… |
CVE-2018-8794 | Critical | 9.8 | 2019-02-05 | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results… |
CVE-2018-8787 | Critical | 9.8 | 2018-11-29 | FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a… |
CVE-2018-8786 | Critical | 9.8 | 2018-11-29 | FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and result… |
CVE-2025-53510 | High | 8.8 | 2025-08-25 | A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .p… |
CVE-2025-52930 | High | 8.8 | 2025-08-25 | A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data f… |
CVE-2025-52456 | High | 8.8 | 2025-08-25 | A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted… |
CVE-2025-46407 | High | 8.8 | 2025-08-25 | A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafte… |
CVE-2025-32468 | High | 8.8 | 2025-08-25 | A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted… |
CVE-2021-32765 | High | 8.8 | 2021-10-04 | Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously craft… |
CVE-2021-21850 | High | 8.8 | 2021-08-25 | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A special… |
CVE-2021-21849 | High | 8.8 | 2021-08-25 | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A special… |