CWE-681 · Incorrect Conversion between Numeric Types
56 CVEs classified under CWE-681 (Incorrect Conversion between Numeric Types). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-3074 | Critical | 9.8 | 2016-04-26 | Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute… |
CVE-2022-36025 | Critical | 9.1 | 2022-09-24 | Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An e… |
CVE-2026-26178 | High | 8.8 | 2026-04-14 | Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally. |
CVE-2026-21693 | High | 8.8 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2026-21688 | High | 8.8 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2024-49093 | High | 8.8 | 2024-12-10 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
CVE-2024-26162 | High | 8.8 | 2024-03-12 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2023-24884 | High | 8.8 | 2023-04-11 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
CVE-2023-23388 | High | 8.8 | 2023-03-14 | Windows Bluetooth Driver Elevation of Privilege Vulnerability |
CVE-2026-4931 | High | 8.6 | 2026-04-07 | Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost. |
CVE-2023-46848 | High | 8.6 | 2023-11-03 | Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs… |
CVE-2023-20006 | High | 8.6 | 2023-06-28 | A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense… |
CVE-2025-53733 | High | 8.4 | 2025-08-12 | Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2021-27478 | High | 8.2 | 2022-05-12 | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service… |
CVE-2026-24192 | High | 7.8 | 2026-05-26 | NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer… |
CVE-2026-24856 | High | 7.8 | 2026-01-28 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to… |
CVE-2026-21673 | High | 7.8 | 2026-01-06 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have overflows and underflows in CIccXml… |
CVE-2025-24059 | High | 7.8 | 2025-03-11 | Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
CVE-2023-29346 | High | 7.8 | 2023-06-13 | NTFS Elevation of Privilege Vulnerability |
CVE-2023-23401 | High | 7.8 | 2023-03-14 | Windows Media Remote Code Execution Vulnerability |