CVEs classified under CWE-195, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-25388 — CVSS 8.4 (high): drivers/wlan/wlan_mgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow.
CVE-2020-6096 — CVSS 8.1 (high): An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on…
CVE-2025-65495 — CVSS 7.5 (high): Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of…
CVE-2026-41682: pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port…
CVE-2026-26981 — CVSS 6.5 (medium): OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2025-30646 — CVSS 6.5 (medium): A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper…
CVE-2025-67897 — CVSS 5.3 (medium): In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue…
CVE-2025-24792 — CVSS 4.4 (medium): Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects (PDO) extension to connect to the Snowflake database. Snowflake…