CWE-191
AllowedInteger Underflow (Wrap or Wraparound)
Abstraction: Base · Status: Draft
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
640 vulnerabilities reference this CWE, most recent first.
GHSA-R5M2-PQWJ-6PX8
Vulnerability from github – Published: 2022-12-13 18:30 – Updated: 2022-12-15 06:30In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242459126
{
"affected": [],
"aliases": [
"CVE-2022-20483"
],
"database_specific": {
"cwe_ids": [
"CWE-190",
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-13T16:15:00Z",
"severity": "HIGH"
},
"details": "In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242459126",
"id": "GHSA-r5m2-pqwj-6px8",
"modified": "2022-12-15T06:30:29Z",
"published": "2022-12-13T18:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20483"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2022-12-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R744-PHRQ-6W44
Vulnerability from github – Published: 2023-04-13 09:30 – Updated: 2024-04-04 03:25Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
{
"affected": [],
"aliases": [
"CVE-2023-21630"
],
"database_specific": {
"cwe_ids": [
"CWE-190",
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-13T07:15:00Z",
"severity": "HIGH"
},
"details": "Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.",
"id": "GHSA-r744-phrq-6w44",
"modified": "2024-04-04T03:25:51Z",
"published": "2023-04-13T09:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21630"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R792-MHJ6-WC9X
Vulnerability from github – Published: 2025-07-09 00:30 – Updated: 2025-07-09 00:30InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2025-47097"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T23:15:23Z",
"severity": "HIGH"
},
"details": "InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-r792-mhj6-wc9x",
"modified": "2025-07-09T00:30:33Z",
"published": "2025-07-09T00:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47097"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/incopy/apsb25-59.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R7F8-W95Q-C4G4
Vulnerability from github – Published: 2025-08-06 15:31 – Updated: 2025-08-06 15:31NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service.
{
"affected": [],
"aliases": [
"CVE-2025-23335"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-06T13:15:41Z",
"severity": "MODERATE"
},
"details": "NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service.",
"id": "GHSA-r7f8-w95q-c4g4",
"modified": "2025-08-06T15:31:27Z",
"published": "2025-08-06T15:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23335"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5687"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23335"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RF5J-JVR6-2G8R
Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2026-05-12 12:31In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.
{
"affected": [],
"aliases": [
"CVE-2019-13104"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-191",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-06T19:15:00Z",
"severity": "HIGH"
},
"details": "In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.",
"id": "GHSA-rf5j-jvr6-2g8r",
"modified": "2026-05-12T12:31:27Z",
"published": "2022-05-24T16:52:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13104"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-577017.html"
},
{
"type": "WEB",
"url": "https://gist.github.com/deephooloovoo/d91b81a1674b4750e662dfae93804d75"
},
{
"type": "WEB",
"url": "https://github.com/u-boot/u-boot/commits/master"
},
{
"type": "WEB",
"url": "https://lists.denx.de/pipermail/u-boot/2019-July/375514.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00002.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00004.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RGGJ-RV54-4GVX
Vulnerability from github – Published: 2026-07-01 15:35 – Updated: 2026-07-01 15:35FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/write on fragmented filesystems. This maps to CWE-191 (Integer Underflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H (6.1, Medium). The estimated CISA SSVC vectors are Exploitation: PoC, Technical Impact: Total.
{
"affected": [],
"aliases": [
"CVE-2026-6685"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-01T15:17:12Z",
"severity": "MODERATE"
},
"details": "FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp-\u003esect - sect \u003c cc) during interleaved read/write on fragmented filesystems. This maps to CWE-191 (Integer Underflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H (6.1, Medium). The estimated CISA SSVC vectors are Exploitation: PoC, Technical Impact: Total.",
"id": "GHSA-rggj-rv54-4gvx",
"modified": "2026-07-01T15:35:20Z",
"published": "2026-07-01T15:35:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6685"
},
{
"type": "WEB",
"url": "https://elm-chan.org/fsw/ff"
},
{
"type": "WEB",
"url": "https://github.com/runZeroInc/vulns-2026-fatfs-chance"
},
{
"type": "WEB",
"url": "https://www.runzero.com/advisories/fatfs-unsigned-sub-wrap-cve-2026-6685"
},
{
"type": "WEB",
"url": "https://www.runzero.com/blog/fatfs-bugs"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RJ65-H7Q6-63QC
Vulnerability from github – Published: 2024-05-14 18:31 – Updated: 2024-05-14 18:31Windows DWM Core Library Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-30008"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T17:16:38Z",
"severity": "MODERATE"
},
"details": "Windows DWM Core Library Information Disclosure Vulnerability",
"id": "GHSA-rj65-h7q6-63qc",
"modified": "2024-05-14T18:31:03Z",
"published": "2024-05-14T18:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30008"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RM63-3CV3-QM5W
Vulnerability from github – Published: 2026-03-19 15:31 – Updated: 2026-03-19 15:31A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.
{
"affected": [],
"aliases": [
"CVE-2026-2369"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-19T15:16:25Z",
"severity": "MODERATE"
},
"details": "A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.",
"id": "GHSA-rm63-3cv3-qm5w",
"modified": "2026-03-19T15:31:21Z",
"published": "2026-03-19T15:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2369"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-2369"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439091"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/498"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-RP7R-6FG8-PP22
Vulnerability from github – Published: 2022-04-12 00:00 – Updated: 2022-04-19 00:01In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.
{
"affected": [],
"aliases": [
"CVE-2022-20073"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-11T20:15:00Z",
"severity": "MODERATE"
},
"details": "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.",
"id": "GHSA-rp7r-6fg8-pp22",
"modified": "2022-04-19T00:01:22Z",
"published": "2022-04-12T00:00:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20073"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RQ5W-QX3V-GRH4
Vulnerability from github – Published: 2022-05-27 00:00 – Updated: 2022-06-09 00:00An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
{
"affected": [],
"aliases": [
"CVE-2022-30787"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-26T16:15:00Z",
"severity": "MODERATE"
},
"details": "An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.",
"id": "GHSA-rq5w-qx3v-grh4",
"modified": "2022-06-09T00:00:20Z",
"published": "2022-05-27T00:00:48Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-6mv4-4v73-xw58"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30787"
},
{
"type": "WEB",
"url": "https://github.com/tuxera/ntfs-3g/releases"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7JPX6OUCQKZX4PN5DQPVDUFZCOOZUX7Z"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECDCISL24TYH4CTDFCUVF24WAKRSYF7F"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAXFYIJWT5SHHRNPOJETM77EIMJ6ZP6I"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEXHDCUSLJD2HSPMAAVZ5AWMPUOG6UI7"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202301-01"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5160"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/06/07/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.