Skip to main content

Integer Overflow

memory MEDIUM

Integer overflow occurs when an arithmetic operation produces a result that exceeds the maximum value a given integer type can store.

How It Works

Integer overflow occurs when an arithmetic operation produces a result that exceeds the maximum value a given integer type can store. In C/C++, this causes the value to "wrap around" to a small number—for example, if a 32-bit unsigned integer at maximum value (4,294,967,295) has 1 added, it wraps to 0. Attackers exploit this by providing carefully crafted input values that, when used in calculations, produce unexpectedly small results.

The most dangerous scenario involves memory allocation. An attacker supplies large values that overflow during size calculations (often when adding header sizes, element counts, or alignment padding), producing a small allocation size. When the program later writes the originally intended large amount of data into this undersized buffer, a heap overflow occurs. For instance: size = user_count * sizeof(struct) + header might overflow if user_count is sufficiently large, resulting in malloc() allocating a tiny buffer that subsequent operations overflow.

Integer overflows also enable logic bypasses. Length checks can be circumvented when overflowed values appear to pass validation. Loop bounds may become incorrect, causing excessive iterations or premature termination. Signed integer overflow (technically undefined behavior in C/C++) can flip positive values to negative, bypassing security checks that assume non-negative numbers.

Impact

  • Heap buffer overflow: Undersized allocations lead to memory corruption, enabling arbitrary code execution
  • Authentication bypass: Overflowed counters or size checks may skip security validations
  • Denial of service: Invalid memory operations cause crashes or infinite loops
  • Information disclosure: Incorrect bounds allow reading beyond intended memory regions
  • Privilege escalation: Combined with memory corruption, can compromise system integrity

Real-World Examples

The OpenSSH authentication bypass (CVE-2002-0639) involved an integer overflow in challenge-response handling where the number of responses could overflow, allowing authentication bypass. The overflow caused allocation of insufficient memory, which subsequent code exploited to execute arbitrary code.

ImageMagick suffered multiple integer overflow vulnerabilities (CVE-2016-3714 and related) where maliciously crafted image files with extreme dimension values caused size calculations to overflow. This resulted in small heap allocations followed by large writes, enabling remote code execution through image processing.

The Linux kernel's do_brk() function (CVE-2003-0961) contained an integer overflow when calculating memory region sizes. Attackers could wrap the size value to bypass length checks and map memory at arbitrary locations, achieving local privilege escalation.

Mitigation

  • Safe arithmetic libraries: Use compiler intrinsics (__builtin_add_overflow) or libraries (SafeInt, Rust's checked arithmetic) that detect overflow
  • Pre-calculation validation: Check that operands won't overflow before performing arithmetic operations
  • Compiler protections: Enable -ftrapv (GCC) or /RTCc (MSVC) to trap signed overflow; use UBSan for detection
  • Use larger types: Perform calculations in 64-bit integers when operands are 32-bit, verify result fits before casting down
  • Input validation: Enforce maximum reasonable values on user input before arithmetic
  • Modern languages: Use languages with overflow checking (Rust, Swift) or arbitrary precision integers (Python, Java BigInteger)

Recent CVEs (2762)

EPSS 6% CVSS 8.8
HIGH PATCH This Week

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Adobe RCE +8
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Week

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Adobe RCE +8
NVD
EPSS 1% CVSS 5.9
MEDIUM POC This Month

chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Fedora +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Debian Linux +2
NVD
EPSS 89% 7.9 CVSS 8.8
HIGH KEV PATCH THREAT Act Now

Remote code execution in Adobe Flash Player allows network attackers to execute arbitrary code via integer overflow exploitation. Confirmed actively exploited (CISA KEV) with 88.97% EPSS score indicating extremely high real-world exploitation probability. Affects Flash Player before 18.0.0.324/20.0.0.267, Adobe AIR before 20.0.0.233, and associated SDKs across Windows, OS X, and Linux platforms. Vendor-released patches available since December 2015.

Adobe Integer Overflow Microsoft +1
NVD VulDB
EPSS 2% CVSS 9.8
CRITICAL Act Now

PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Perl Compatible Regular Expression Library +1
NVD
EPSS 1% CVSS 7.3
HIGH This Week

PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Perl Compatible Regular Expression Library +2
NVD
EPSS 50% CVSS 6.8
MEDIUM This Month

Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 49.6% and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +6
NVD
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux +5
NVD GitHub
EPSS 28% CVSS 9.3
CRITICAL PATCH Act Now

Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.0%.

Integer Overflow RCE Microsoft +9
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +3
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Integer Overflow Denial Of Service Google +14
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Integer Overflow Adobe RCE +5
NVD
EPSS 5% CVSS 10.0
CRITICAL PATCH Act Now

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Adobe RCE +5
NVD
EPSS 5% CVSS 10.0
CRITICAL PATCH Act Now

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Adobe RCE +5
NVD
EPSS 8% CVSS 7.5
HIGH PATCH Act Now

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Buffer Overflow +6
NVD
EPSS 33% CVSS 6.8
MEDIUM POC THREAT This Month

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 32.9%.

Integer Overflow RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 5.0
MEDIUM POC This Month

Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service (crash) via large dimensions in a BMP image, which triggers a buffer overflow. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Google +7
NVD
EPSS 2% CVSS 5.0
MEDIUM PATCH This Month

Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Buffer Overflow Jbcrypt +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Vtscada
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow RCE Buffer Overflow +4
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Week

Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow +5
NVD
EPSS 28% CVSS 5.0
MEDIUM POC THREAT This Month

Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.3%.

Integer Overflow Denial Of Service Opensuse +3
NVD Exploit-DB
EPSS 89% 6.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 89.0%.

Integer Overflow Adobe RCE +8
NVD Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux +9
NVD GitHub
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Linux +3
NVD GitHub
EPSS 9% CVSS 7.3
HIGH PATCH This Week

Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Linux +6
NVD GitHub
EPSS 0% CVSS 4.9
MEDIUM POC PATCH This Month

The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Linux +3
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Google +2
NVD VulDB
EPSS 93% 7.8 CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Adobe Integer Overflow Microsoft +1
NVD Exploit-DB VulDB
EPSS 3% CVSS 5.0
MEDIUM PATCH This Month

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman +9
NVD
EPSS 7% CVSS 5.0
MEDIUM PATCH This Month

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman +3
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Integer Overflow +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Integer Overflow +9
NVD
EPSS 2% CVSS 6.9
MEDIUM POC PATCH This Month

Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Integer Overflow +10
NVD Exploit-DB
EPSS 72% 4.0 CVSS 9.3
CRITICAL PATCH Act Now

Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 71.8%.

Denial Of Service Buffer Overflow Microsoft +12
NVD
EPSS 8% CVSS 5.0
MEDIUM POC This Month

Integer overflow in the OZDocument::parseElement function in Apple Motion 5.0.7 allows remote attackers to cause a denial of service (application crash) via a (1) large or (2) small value in the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Integer Overflow +1
NVD Exploit-DB
EPSS 4% CVSS 7.5
HIGH POC PATCH This Week

Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow RCE Denial Of Service +3
NVD
EPSS 90% 7.6 CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Adobe Integer Overflow RCE
NVD GitHub Exploit-DB VulDB
EPSS 65% CVSS 9.3
CRITICAL Emergency

Integer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper allocation-size calculation, aka "Publisher. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.8% and no vendor patch available.

RCE Microsoft Integer Overflow +1
NVD
EPSS 3% 4.6 CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Integer Overflow Buffer Overflow Google +1
NVD GitHub VulDB
EPSS 7% CVSS 10.0
CRITICAL Act Now

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Adobe Microsoft +11
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Denial Of Service Buffer Overflow +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Microsoft +3
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Integer Overflow +3
NVD
EPSS 4% CVSS 9.3
CRITICAL PATCH Act Now

Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Buffer Overflow RCE Mozilla +15
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Integer Overflow +2
NVD
EPSS 1% CVSS 10.0
CRITICAL POC Act Now

Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Mozilla Denial Of Service +14
NVD
EPSS 77% 7.1 CVSS 8.8
HIGH POC KEV THREAT Act Now

Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Adobe Integer Overflow RCE
NVD VulDB
EPSS 4% CVSS 6.8
MEDIUM This Month

Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Denial Of Service +2
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Buffer Overflow Adobe +3
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Integer Overflow +1
NVD
EPSS 4% CVSS 9.3
CRITICAL Act Now

Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Adobe Microsoft +11
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Week

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Integer Overflow +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Denial Of Service +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Linux +3
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Linux +2
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A critical integer overflow vulnerability exists in GStreamer's gst-plugins-base package before version 0.10.23, allowing remote attackers to execute arbitrary code through specially crafted COVERART tags in Vorbis audio files. The vulnerability triggers when base64-encoded cover art data causes an integer overflow during memory allocation, leading to a heap buffer overflow with full code execution potential. With an EPSS score of 2.82% (86th percentile) and patches available since 2009, this represents a high-severity but dated vulnerability that may still affect legacy systems.

Buffer Overflow RCE Integer Overflow
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

jq, the command-line JSON processor, was patched in Alpine Linux with package version 1.8.2-r0. The specific vulnerability details - including the nature of the flaw, affected upstream jq versions, and precise impact - are not disclosed in the available intelligence. The sole data point is a vendor-sourced fix notification from Alpine Linux, making a full characterization of attacker capability and affected scope impossible at this time.

Information Disclosure Integer Overflow Jq
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

libssh in Alpine Linux was patched at package version 0.11.2-r0, addressing an unspecified vulnerability tracked as CVE-2025-5449. The nature of the vulnerability - its root cause, attack vector, and impact - is not disclosed in available intelligence sources. The EPSS score of 0.52% (67th percentile) indicates moderate relative ranking among CVEs but low absolute exploitation probability. No active exploitation has been confirmed, and no public exploit code has been identified at time of analysis.

Information Disclosure Integer Overflow Libssh
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Alpine Linux: mbedtls fixed in 2.28.7-r0

Information Disclosure Integer Overflow
NVD VulDB
Prev Page 31 of 31

Quick Facts

Typical Severity
MEDIUM
Category
memory
Total CVEs
2762

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy