CWE-680 · Integer Overflow to Buffer Overflow

105 CVEs classified under CWE-680 (Integer Overflow to Buffer Overflow). Browse by severity and year.

Top CVEs for CWE-680
CVESeverityScorePublishedSummary
CVE-2026-8376Critical9.82026-05-26Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk i…
CVE-2025-54952Critical9.82025-08-08An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in…
CVE-2024-33078Critical9.82024-05-01Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution.
CVE-2022-35289Critical9.82022-10-11A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially…
CVE-2021-40417Critical9.82021-12-22When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with t…
CVE-2021-21832Critical9.82021-08-17A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can…
CVE-2021-21783Critical9.82021-03-25A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote c…
CVE-2020-13576Critical9.82021-02-10A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote c…
CVE-2018-8795Critical9.82019-02-05rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and re…
CVE-2018-8794Critical9.82019-02-05rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results…
CVE-2018-8787Critical9.82018-11-29FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a…
CVE-2018-8786Critical9.82018-11-29FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and result…
CVE-2025-53510High8.82025-08-25A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .p…
CVE-2025-52930High8.82025-08-25A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data f…
CVE-2025-52456High8.82025-08-25A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted…
CVE-2025-46407High8.82025-08-25A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafte…
CVE-2025-32468High8.82025-08-25A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted…
CVE-2021-32765High8.82021-10-04Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously craft…
CVE-2021-21850High8.82021-08-25An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A special…
CVE-2021-21849High8.82021-08-25An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A special…