Vulnerabilities > Integer Underflow (Wrap or Wraparound)

DATE CVE VULNERABILITY TITLE RISK
2018-08-28 CVE-2018-3926 Integer Underflow (Wrap or Wraparound) vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.
local
low complexity
samsung CWE-191
5.5
2018-07-17 CVE-2018-14353 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-191
7.5
2018-07-16 CVE-2018-14325 Integer Underflow (Wrap or Wraparound) vulnerability in Techsmith Mp4V2 2.0.0
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
network
low complexity
techsmith CWE-191
8.8
2018-07-10 CVE-2018-12230 Integer Underflow (Wrap or Wraparound) vulnerability in Remicoin Project Remicoin
An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks.
network
low complexity
remicoin-project CWE-191
5.0
2018-07-06 CVE-2018-5865 Integer Underflow (Wrap or Wraparound) vulnerability in Google Android
While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur.
local
low complexity
google CWE-191
2.1
2018-06-06 CVE-2018-5850 Integer Underflow (Wrap or Wraparound) vulnerability in Google Android
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
network
google CWE-191
critical
9.3
2018-04-18 CVE-2015-9198 Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory.
network
low complexity
qualcomm CWE-191
critical
10.0
2018-04-18 CVE-2015-9167 Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.
network
low complexity
qualcomm CWE-191
critical
10.0
2018-04-18 CVE-2015-9129 Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs.
network
low complexity
qualcomm CWE-191
critical
10.0
2018-02-28 CVE-2018-7569 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
network
gnu redhat CWE-191
4.3