CWE-197
AllowedNumeric Truncation Error
Abstraction: Base · Status: Incomplete
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.
93 vulnerabilities reference this CWE, most recent first.
GHSA-69C6-79JC-FJHR
Vulnerability from github – Published: 2026-06-09 18:30 – Updated: 2026-06-09 18:30Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2026-44823"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-09T17:17:18Z",
"severity": "HIGH"
},
"details": "Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.",
"id": "GHSA-69c6-79jc-fjhr",
"modified": "2026-06-09T18:30:48Z",
"published": "2026-06-09T18:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44823"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44823"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6WCV-G2H3-2M7Q
Vulnerability from github – Published: 2024-03-12 18:31 – Updated: 2024-03-12 18:31Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-21434"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-12T17:15:52Z",
"severity": "HIGH"
},
"details": "Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability",
"id": "GHSA-6wcv-g2h3-2m7q",
"modified": "2024-03-12T18:31:13Z",
"published": "2024-03-12T18:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21434"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21434"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7G6F-R888-776W
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18423.
{
"affected": [],
"aliases": [
"CVE-2023-32143"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:18Z",
"severity": "HIGH"
},
"details": "D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18423.",
"id": "GHSA-7g6f-r888-776w",
"modified": "2024-05-03T03:30:50Z",
"published": "2024-05-03T03:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32143"
},
{
"type": "WEB",
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-535"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7MMQ-Q3M9-JRV7
Vulnerability from github – Published: 2026-05-20 12:30 – Updated: 2026-06-30 03:36NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answer-cookie', 'pad-responses' (default)) need to be enabled for the vulnerability to be exploited. An adversary who can query Unbound can exploit the vulnerability by attaching multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options to the query. A flaw in the size calculation of the EDNS field truncates the correct value which allows the encoder to overflow the available space when writing. Those two combined lead to a heap overflow write of Unbound controlled data and eventually a crash. Unbound 1.25.1 contains a patch with a fix to de-duplicate the EDNS options and a fix to prevent truncation of the EDNS field size calculation.
{
"affected": [],
"aliases": [
"CVE-2026-42944"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-20T10:16:27Z",
"severity": "HIGH"
},
"details": "NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options (\u0027nsid\u0027, \u0027answer-cookie\u0027, \u0027pad-responses\u0027 (default)) need to be enabled for the vulnerability to be exploited. An adversary who can query Unbound can exploit the vulnerability by attaching multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options to the query. A flaw in the size calculation of the EDNS field truncates the correct value which allows the encoder to overflow the available space when writing. Those two combined lead to a heap overflow write of Unbound controlled data and eventually a crash. Unbound 1.25.1 contains a patch with a fix to de-duplicate the EDNS options and a fix to prevent truncation of the EDNS field size calculation.",
"id": "GHSA-7mmq-q3m9-jrv7",
"modified": "2026-06-30T03:36:45Z",
"published": "2026-05-20T12:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42944"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19752"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:23231"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:24365"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:24369"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-42944"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479774"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42944.json"
},
{
"type": "WEB",
"url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2026-42944.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"type": "CVSS_V4"
}
]
}
GHSA-8G76-CC7J-4RCM
Vulnerability from github – Published: 2024-05-14 18:31 – Updated: 2024-05-14 18:31Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-30015"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T17:16:45Z",
"severity": "HIGH"
},
"details": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability",
"id": "GHSA-8g76-cc7j-4rcm",
"modified": "2024-05-14T18:31:04Z",
"published": "2024-05-14T18:31:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30015"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30015"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8Q63-5VH4-M285
Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2023-11-14 18:30A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.
{
"affected": [],
"aliases": [
"CVE-2023-36641"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T18:15:49Z",
"severity": "MODERATE"
},
"details": "A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.",
"id": "GHSA-8q63-5vh4-m285",
"modified": "2023-11-14T18:30:29Z",
"published": "2023-11-14T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36641"
},
{
"type": "WEB",
"url": "https://fortiguard.com/psirt/FG-IR-23-151"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8V72-M9Q9-XPWF
Vulnerability from github – Published: 2024-02-13 18:38 – Updated: 2024-02-13 18:38Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-21352"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-13T18:15:51Z",
"severity": "HIGH"
},
"details": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability",
"id": "GHSA-8v72-m9q9-xpwf",
"modified": "2024-02-13T18:38:23Z",
"published": "2024-02-13T18:38:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21352"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21352"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9PW9-3858-MCGC
Vulnerability from github – Published: 2024-04-09 18:30 – Updated: 2024-04-09 18:30Windows Cryptographic Services Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-29050"
],
"database_specific": {
"cwe_ids": [
"CWE-197",
"CWE-295"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-09T17:15:58Z",
"severity": "HIGH"
},
"details": "Windows Cryptographic Services Remote Code Execution Vulnerability",
"id": "GHSA-9pw9-3858-mcgc",
"modified": "2024-04-09T18:30:27Z",
"published": "2024-04-09T18:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29050"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29050"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C2M9-M7GX-6446
Vulnerability from github – Published: 2024-05-14 18:31 – Updated: 2024-05-14 18:31Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-30014"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T17:16:44Z",
"severity": "HIGH"
},
"details": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability",
"id": "GHSA-c2m9-m7gx-6446",
"modified": "2024-05-14T18:31:04Z",
"published": "2024-05-14T18:31:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30014"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30014"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CF3C-VRHX-R6WG
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Numeric truncation error in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2026-50357"
],
"database_specific": {
"cwe_ids": [
"CWE-197"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:17:35Z",
"severity": "HIGH"
},
"details": "Numeric truncation error in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.",
"id": "GHSA-cf3c-vrhx-r6wg",
"modified": "2026-07-14T18:32:17Z",
"published": "2026-07-14T18:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50357"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50357"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Ensure that no casts, implicit or explicit, take place that move from a larger size primitive or a smaller size primitive.
No CAPEC attack patterns related to this CWE.