CVEs classified under CWE-682, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2023-2163 — CVSS 10.0 (critical): Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary…
CVE-2026-1229 — CVSS 9.8 (critical): The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is…
CVE-2024-36736 — CVSS 9.8 (critical): An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation…
CVE-2022-30600 — CVSS 9.8 (critical): A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
CVE-2021-44847 — CVSS 9.8 (critical): A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an…
CVE-2020-0221 — CVSS 9.8 (critical): Airbrush FW's scratch memory allocator is susceptible to numeric overflow. When the overflow occurs, the next allocation could potentially…
CVE-2018-8319 — CVSS 9.8 (critical): A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations…
CVE-2022-23066 — CVSS 9.1 (critical): In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv…
CVE-2024-23981 — CVSS 8.8 (high): Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an…
CVE-2022-28048 — CVSS 8.8 (high): STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.
CVE-2021-45960 — CVSS 8.8 (high): In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc…
CVE-2020-0022 — CVSS 8.8 (high): In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This…
CVE-2019-19578 — CVSS 8.8 (high): An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear…
CVE-2019-5853 — CVSS 8.8 (high): Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap…
CVE-2019-16347 — CVSS 8.8 (high): ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small…
CVE-2019-16346 — CVSS 8.8 (high): ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small…
CVE-2017-13151 — CVSS 8.8 (high): A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2…
CVE-2017-12135 — CVSS 8.8 (high): Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via…
CVE-2017-12134 — CVSS 8.8 (high): The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data…
CVE-2017-8905 — CVSS 8.8 (high): Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the…
CVE-2017-8326 — CVSS 8.8 (high): libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might…
CVE-2023-2423 — CVSS 8.6 (high): A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event…
CVE-2024-41011 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We…
CVE-2018-11790 — CVSS 7.8 (high): When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the…
CVE-2018-11262 — CVSS 7.8 (high): In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out…
CVE-2017-13288 — CVSS 7.8 (high): In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. This…
CVE-2017-9725 — CVSS 7.8 (high): In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size…
CVE-2017-0679 — CVSS 7.8 (high): A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android…
CVE-2017-0666 — CVSS 7.8 (high): A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1…
CVE-2017-0342 — CVSS 7.8 (high): All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where…
CVE-2017-0545 — CVSS 7.8 (high): An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the…
CVE-2026-10512 — CVSS 7.5 (high): The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed…
CVE-2026-44498 — CVSS 7.5 (high): ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature…
CVE-2026-24783 — CVSS 7.5 (high): soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the `mulDiv(x, y, z)`…
CVE-2025-4435 — CVSS 7.5 (high): When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and…
CVE-2025-26622 — CVSS 7.5 (high): vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the babylonian method to calculate square roots of…
CVE-2024-11407 — CVSS 7.5 (high): There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel…
CVE-2024-6287 — CVSS 7.5 (high): Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image…
CVE-2023-35848 — CVSS 7.5 (high): VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure…
CVE-2023-28431 — CVSS 7.5 (high): Frontier is an Ethereum compatibility layer for Substrate. Frontier's `modexp` precompile uses `num-bigint` crate under the hood. In the…
CVE-2023-24533 — CVSS 7.5 (high): Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked…
CVE-2022-35258 — CVSS 7.5 (high): An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to…
CVE-2022-31198 — CVSS 7.5 (high): OpenZeppelin Contracts is a library for secure smart contract development. This issue concerns instances of Governor that use the module…
CVE-2022-22138 — CVSS 7.5 (high): All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs…
CVE-2022-30780 — CVSS 7.5 (high): Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because…
CVE-2021-44504 — CVSS 7.5 (high): An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a size…
CVE-2021-44491 — CVSS 7.5 (high): An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls…
CVE-2021-44490 — CVSS 7.5 (high): An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls…
CVE-2022-23011 — CVSS 7.5 (high): On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3, virtual servers may stop responding while…