CWE-682 · Incorrect Calculation
127 CVEs classified under CWE-682 (Incorrect Calculation). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-2163 | Critical | 10.0 | 2023-09-20 | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kerne… |
CVE-2026-1229 | Critical | 9.8 | 2026-02-24 | The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete… |
CVE-2024-36736 | Critical | 9.8 | 2024-06-06 | An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed. |
CVE-2022-30600 | Critical | 9.8 | 2022-05-18 | A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. |
CVE-2021-44847 | Critical | 9.8 | 2021-12-13 | A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calcul… |
CVE-2020-0221 | Critical | 9.8 | 2020-05-14 | Airbrush FW's scratch memory allocator is susceptible to numeric overflow. When the overflow occurs, the next allocation could potentially return a pointer wit… |
CVE-2018-8319 | Critical | 9.8 | 2018-07-11 | A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript… |
CVE-2022-23066 | Critical | 9.1 | 2022-05-09 | In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead t… |
CVE-2024-23981 | High | 8.8 | 2024-08-14 | Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user t… |
CVE-2023-35641 | High | 8.8 | 2023-12-12 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
CVE-2022-28048 | High | 8.8 | 2022-04-15 | STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac. |
CVE-2021-45960 | High | 8.8 | 2022-01-01 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., alloca… |
CVE-2020-0022 | High | 8.8 | 2020-02-13 | In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote cod… |
CVE-2019-19578 | High | 8.8 | 2019-12-11 | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because o… |
CVE-2019-5853 | High | 8.8 | 2019-11-25 | Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafte… |
CVE-2019-16347 | High | 8.8 | 2019-09-16 | ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandle… |
CVE-2019-16346 | High | 8.8 | 2019-09-16 | ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. |
CVE-2017-13151 | High | 8.8 | 2017-12-06 | A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-6… |
CVE-2017-12135 | High | 8.8 | 2017-08-24 | Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transiti… |
CVE-2017-12134 | High | 8.8 | 2017-08-24 | The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently… |