CWE-191
AllowedInteger Underflow (Wrap or Wraparound)
Abstraction: Base · Status: Draft
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
640 vulnerabilities reference this CWE, most recent first.
GHSA-Q4R3-MQQ6-78X5
Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2022-05-24 16:50An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
{
"affected": [],
"aliases": [
"CVE-2019-13602"
],
"database_specific": {
"cwe_ids": [
"CWE-191",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-14T21:15:00Z",
"severity": "HIGH"
},
"details": "An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.",
"id": "GHSA-q4r3-mqq6-78x5",
"modified": "2022-05-24T16:50:13Z",
"published": "2022-05-24T16:50:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13602"
},
{
"type": "WEB",
"url": "https://git.videolan.org/?p=vlc.git;a=commit;h=8e8e0d72447f8378244f5b4a3dcde036dbeb1491"
},
{
"type": "WEB",
"url": "https://git.videolan.org/?p=vlc.git;a=commit;h=b2b157076d9e94df34502dd8df0787deb940e938"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Aug/36"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201909-02"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4074-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4504"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00036.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00046.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/109158"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q94H-VC2H-J68G
Vulnerability from github – Published: 2022-05-01 01:47 – Updated: 2024-02-08 18:30Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
{
"affected": [],
"aliases": [
"CVE-2005-0199"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2005-05-02T04:00:00Z",
"severity": "HIGH"
},
"details": "Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.",
"id": "GHSA-q94h-vc2h-j68g",
"modified": "2024-02-08T18:30:37Z",
"published": "2022-05-01T01:47:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0199"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19143"
},
{
"type": "WEB",
"url": "http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html"
},
{
"type": "WEB",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=79705"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/14056"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/14059"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1013047"
},
{
"type": "WEB",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/12397"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QC3G-XJ9R-Q7VM
Vulnerability from github – Published: 2022-05-14 02:00 – Updated: 2022-05-14 02:00In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow.
{
"affected": [],
"aliases": [
"CVE-2018-11301"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-18T18:29:00Z",
"severity": "HIGH"
},
"details": "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow.",
"id": "GHSA-qc3g-xj9r-q7vm",
"modified": "2022-05-14T02:00:29Z",
"published": "2022-05-14T02:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11301"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=31ad3a5a7458e60f5e0ba4f492cebe1f1bda0964"
},
{
"type": "WEB",
"url": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QFGJ-VXWQ-R49V
Vulnerability from github – Published: 2022-05-13 01:25 – Updated: 2022-05-13 01:25Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read.
{
"affected": [],
"aliases": [
"CVE-2011-1770"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-06-24T20:55:00Z",
"severity": "HIGH"
},
"details": "Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read.",
"id": "GHSA-qfgj-vxwq-r49v",
"modified": "2022-05-13T01:25:05Z",
"published": "2022-05-13T01:25:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1770"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2011:0836"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2011:1253"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2011-1770"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703011"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-kernel\u0026m=130468845209036\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-kernel\u0026m=130469305815140\u0026w=2"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/44932"
},
{
"type": "WEB",
"url": "http://securityreason.com/securityalert/8286"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/47769"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1025592"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QM7W-RP99-M478
Vulnerability from github – Published: 2025-01-14 21:31 – Updated: 2025-01-14 21:31Animate versions 24.0.6, 23.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2025-21135"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T20:15:30Z",
"severity": "HIGH"
},
"details": "Animate versions 24.0.6, 23.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-qm7w-rp99-m478",
"modified": "2025-01-14T21:31:48Z",
"published": "2025-01-14T21:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21135"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/animate/apsb25-05.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQR8-VWW9-H837
Vulnerability from github – Published: 2022-05-24 17:09 – Updated: 2022-05-24 17:09An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2019-5148"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-02-25T16:15:00Z",
"severity": "MODERATE"
},
"details": "An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability.",
"id": "GHSA-qqr8-vww9-h837",
"modified": "2022-05-24T17:09:37Z",
"published": "2022-05-24T17:09:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5148"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0938"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QW9P-XH57-VVWJ
Vulnerability from github – Published: 2025-05-13 18:30 – Updated: 2025-05-13 18:30Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.
{
"affected": [],
"aliases": [
"CVE-2025-29974"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-13T17:15:58Z",
"severity": "MODERATE"
},
"details": "Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.",
"id": "GHSA-qw9p-xh57-vvwj",
"modified": "2025-05-13T18:30:55Z",
"published": "2025-05-13T18:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29974"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29974"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QWPM-85R5-4M77
Vulnerability from github – Published: 2022-05-24 17:41 – Updated: 2022-05-24 17:41An integer underflow has been found in the latest version of ZCFees. The variables 'currPeriodIdx' and 'lastPeriodExecIdx' are both unsigned integers, and the result of the minus operation may be a negative integer which leads to an underflow. The attackers can modify the current timestamp of the transaction somehow and block the execution of the process function.
{
"affected": [],
"aliases": [
"CVE-2020-24837"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-10T16:15:00Z",
"severity": "HIGH"
},
"details": "An integer underflow has been found in the latest version of ZCFees. The variables \u0027currPeriodIdx\u0027 and \u0027lastPeriodExecIdx\u0027 are both unsigned integers, and the result of the minus operation may be a negative integer which leads to an underflow. The attackers can modify the current timestamp of the transaction somehow and block the execution of the process function.",
"id": "GHSA-qwpm-85r5-4m77",
"modified": "2022-05-24T17:41:41Z",
"published": "2022-05-24T17:41:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24837"
},
{
"type": "WEB",
"url": "https://etherscan.io/address/0x9d79c6e2a0222b9ac7bfabc447209c58fe9e0dcc#code"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QX9J-Q623-P5FH
Vulnerability from github – Published: 2022-05-14 01:49 – Updated: 2025-10-22 03:30Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2014-0497"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-02-05T05:15:00Z",
"severity": "HIGH"
},
"details": "Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.",
"id": "GHSA-qx9j-q623-p5fh",
"modified": "2025-10-22T03:30:35Z",
"published": "2022-05-14T01:49:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0497"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0497"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html"
},
{
"type": "WEB",
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/56437"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/56737"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/56780"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/56799"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/56839"
},
{
"type": "WEB",
"url": "http://www.exploit-db.com/exploits/33212"
},
{
"type": "WEB",
"url": "http://www.osvdb.org/102849"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/65327"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1029715"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R4RC-XGV6-JV68
Vulnerability from github – Published: 2022-05-14 03:26 – Updated: 2022-05-14 03:26In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory.
{
"affected": [],
"aliases": [
"CVE-2015-9198"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-18T14:29:00Z",
"severity": "CRITICAL"
},
"details": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory.",
"id": "GHSA-r4rc-xgv6-jv68",
"modified": "2022-05-14T03:26:16Z",
"published": "2022-05-14T03:26:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9198"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103671"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.