CWE-191
AllowedInteger Underflow (Wrap or Wraparound)
Abstraction: Base · Status: Draft
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
642 vulnerabilities reference this CWE, most recent first.
GHSA-F7P3-6RHJ-P7JV
Vulnerability from github – Published: 2026-04-28 09:34 – Updated: 2026-04-28 09:34In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.
{
"affected": [],
"aliases": [
"CVE-2026-40356"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-28T07:16:03Z",
"severity": "MODERATE"
},
"details": "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.",
"id": "GHSA-f7p3-6rhj-p7jv",
"modified": "2026-04-28T09:34:12Z",
"published": "2026-04-28T09:34:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40356"
},
{
"type": "WEB",
"url": "https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f"
},
{
"type": "WEB",
"url": "https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html"
},
{
"type": "WEB",
"url": "https://web.mit.edu/kerberos/advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F935-QQ4F-PJ9F
Vulnerability from github – Published: 2021-12-20 00:00 – Updated: 2022-01-05 00:02Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a mallicious device which could send a response with invalid content. Currently we consider the probability of this being exploited as quite minimal, however this could change in the future, especially with the industrial networks growing more and more together.
{
"affected": [],
"aliases": [
"CVE-2021-43083"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-19T09:15:00Z",
"severity": "HIGH"
},
"details": "Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a mallicious device which could send a response with invalid content. Currently we consider the probability of this being exploited as quite minimal, however this could change in the future, especially with the industrial networks growing more and more together.",
"id": "GHSA-f935-qq4f-pj9f",
"modified": "2022-01-05T00:02:10Z",
"published": "2021-12-20T00:00:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43083"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/jxx6qc84z60xbbhn6vp2s5qf09psrtc7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/2"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-F99C-R797-V657
Vulnerability from github – Published: 2024-09-18 09:30 – Updated: 2024-09-23 18:30In the Linux kernel, the following vulnerability has been resolved:
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
{
"affected": [],
"aliases": [
"CVE-2024-46756"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-18T08:15:04Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83627ehf) Fix underflows seen when writing limit attributes\n\nDIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large\nnegative number such as -9223372036854775808 is provided by the user.\nFix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.",
"id": "GHSA-f99c-r797-v657",
"modified": "2024-09-23T18:30:33Z",
"published": "2024-09-18T09:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46756"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/26825b62bd1bd3e53b4f44e0745cb516d5186343"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/56cfdeb2c77291f0b5e4592731adfb6ca8fc7c24"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5c1de37969b7bc0abcb20b86e91e70caebbd4f89"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/77ab0fd231c4ca873ec6908e761970360acc6df2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8fecb75bff1b7d87a071c32a37aa0700f2be379d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/93cf73a7bfdce683bde3a7bb65f270d3bd24497b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cc4be794c8d8c253770103e097ab9dbdb5f99ae1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d92f0baf99a7e327dcceab37cce57c38aab1f691"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F9R8-4R5P-XQ44
Vulnerability from github – Published: 2022-05-14 00:57 – Updated: 2025-04-20 03:46GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
{
"affected": [],
"aliases": [
"CVE-2017-14997"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-04T01:29:00Z",
"severity": "HIGH"
},
"details": "GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.",
"id": "GHSA-f9r8-4r5p-xq44",
"modified": "2025-04-20T03:46:19Z",
"published": "2022-05-14T00:57:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14997"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/511"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/graphicsmagick/code/ci/0683f8724200495059606c03f04e0d589b33ebe8"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4232-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"type": "WEB",
"url": "http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset%3Bnode=0683f8724200"
},
{
"type": "WEB",
"url": "http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=0683f8724200"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101183"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FJ2R-4WRV-W3GP
Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2024-04-04 00:46Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150
{
"affected": [],
"aliases": [
"CVE-2018-11930"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-24T17:29:00Z",
"severity": "CRITICAL"
},
"details": "Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150",
"id": "GHSA-fj2r-4wrv-w3gp",
"modified": "2024-04-04T00:46:57Z",
"published": "2022-05-24T16:46:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11930"
},
{
"type": "WEB",
"url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FM8H-3V4J-HPGR
Vulnerability from github – Published: 2023-09-25 18:30 – Updated: 2025-11-04 21:30An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2023-32653"
],
"database_specific": {
"cwe_ids": [
"CWE-191",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-25T16:15:13Z",
"severity": "HIGH"
},
"details": "An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.",
"id": "GHSA-fm8h-3v4j-hpgr",
"modified": "2025-11-04T21:30:39Z",
"published": "2023-09-25T18:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32653"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1802"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1802"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FMH9-9QQ4-CV6J
Vulnerability from github – Published: 2024-06-24 18:31 – Updated: 2024-06-24 18:31Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.
{
"affected": [],
"aliases": [
"CVE-2024-6285"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-24T16:15:10Z",
"severity": "HIGH"
},
"details": "Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware.\nAn integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.",
"id": "GHSA-fmh9-9qq4-cv6j",
"modified": "2024-06-24T18:31:36Z",
"published": "2024-06-24T18:31:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6285"
},
{
"type": "WEB",
"url": "https://github.com/renesas-rcar/arm-trusted-firmware/commit/b596f580637bae919b0ac3a5471422a1f756db3b"
},
{
"type": "WEB",
"url": "https://asrg.io/security-advisories/cve-2024-6285"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FMQG-J5QJ-J8F6
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
{
"affected": [],
"aliases": [
"CVE-2026-25104"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-26T09:16:19Z",
"severity": "HIGH"
},
"details": "MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability",
"id": "GHSA-fmqg-j5qj-j8f6",
"modified": "2026-05-26T13:30:55Z",
"published": "2026-05-26T13:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25104"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2026-2367"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2367"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FMQR-7VVJ-9R72
Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2022-07-22 00:00A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2021-21811"
],
"database_specific": {
"cwe_ids": [
"CWE-191",
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-31T17:15:00Z",
"severity": "CRITICAL"
},
"details": "A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT\u0026T Labs\u2019 Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.",
"id": "GHSA-fmqr-7vvj-9r72",
"modified": "2022-07-22T00:00:39Z",
"published": "2022-05-24T22:28:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21811"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1279"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FMV6-FX37-6F78
Vulnerability from github – Published: 2025-01-14 21:31 – Updated: 2025-01-14 21:31Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2025-21122"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T19:15:33Z",
"severity": "HIGH"
},
"details": "Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-fmv6-fx37-6f78",
"modified": "2025-01-14T21:31:47Z",
"published": "2025-01-14T21:31:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21122"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/photoshop/apsb25-02.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.