Skip to main content

CWE-195

Signed to Unsigned Conversion Error

11 CVEs Avg CVSS 7.4 MITRE
0
CRITICAL
8
HIGH
3
MEDIUM
0
LOW
2
POC
0
KEV

Monthly

CVE-2026-41682 MEDIUM PATCH This Month

pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi() cast in parse_uri(). This issue has been patched in version 1.18.5.

Information Disclosure Pupnp
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-26981 PyPI MEDIUM POC PATCH GHSA This Month

OpenEXR versions 3.3.0-3.3.6 and 3.4.0-3.4.4 are vulnerable to a heap buffer overflow in file parsing due to improper integer handling when processing malformed EXR files, allowing attackers to trigger a denial of service through memory-mapped streams. Public exploit code exists for this vulnerability. Patched versions 3.3.7 and 3.4.5 are available.

Buffer Overflow Openexr Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-65495 HIGH PATCH This Month

Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Libcoap Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-30646 HIGH This Week

A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-24792 MEDIUM Monitor

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects (PDO) extension to connect to the Snowflake database. Rated medium severity (CVSS 4.4). No vendor patch available.

Denial Of Service PHP
NVD GitHub
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-25388 HIGH This Week

drivers/wlan/wlan_mgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Rt Thread
NVD GitHub
CVSS 3.1
8.4
EPSS
0.3%
CVE-2023-33034 HIGH PATCH This Week

Memory corruption while parsing the ADSP response command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware Wcn3998 Firmware +60
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-3635 Maven HIGH POC PATCH This Week

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Okio
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-1913 npm HIGH PATCH This Week

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Hermes
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2020-6096 HIGH This Week

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Glibc Fedora Debian Linux
NVD
CVSS 3.1
8.1
EPSS
5.2%
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi() cast in parse_uri(). This issue has been patched in version 1.18.5.

Information Disclosure Pupnp
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

OpenEXR versions 3.3.0-3.3.6 and 3.4.0-3.4.4 are vulnerable to a heap buffer overflow in file parsing due to improper integer handling when processing malformed EXR files, allowing attackers to trigger a denial of service through memory-mapped streams. Public exploit code exists for this vulnerability. Patched versions 3.3.7 and 3.4.5 are available.

Buffer Overflow Openexr Red Hat +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Month

Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Libcoap Suse
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos +1
NVD
EPSS 0% CVSS 4.4
MEDIUM Monitor

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects (PDO) extension to connect to the Snowflake database. Rated medium severity (CVSS 4.4). No vendor patch available.

Denial Of Service PHP
NVD GitHub
EPSS 0% CVSS 8.4
HIGH This Week

drivers/wlan/wlan_mgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Rt Thread
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while parsing the ADSP response command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware +62
NVD
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Okio
NVD GitHub
EPSS 1% CVSS 8.1
HIGH PATCH This Week

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Hermes
NVD GitHub
EPSS 5% CVSS 8.1
HIGH This Week

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Glibc Fedora +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy