CVEbaza.plCWE DictionaryCWE-682
Common Weakness Enumeration

CWE-682

Incorrect Calculation

Category: PillarCVE: 143
Description

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

Extended Description

When product performs a security-critical calculation incorrectly, it might lead to incorrect resource allocations, incorrect privilege assignments, or failed comparisons among other things. Many of the direct results of an incorrect calculation can lead to even larger problems such as failed protection mechanisms or even arbitrary code execution.

CVE vulnerabilities with CWE-682 (143)
10.0
CVSS
CRITICAL
CVE-2023-2163

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

pub. 2023-09-20
9.8
CVSS
CRITICAL
CVE-2024-36736

An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed.

pub. 2024-06-06
9.8
CVSS
CRITICAL
CVE-2022-30600

A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.

pub. 2022-05-18
9.8
CVSS
CRITICAL
CVE-2021-44847

A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.

pub. 2021-12-13
9.8
CVSS
CRITICAL
CVE-2020-0221

Airbrush FW's scratch memory allocator is susceptible to numeric overflow. When the overflow occurs, the next allocation could potentially return a pointer within the previous allocation's memory, which could lead to improper memory access.Product: AndroidVersions: Android kernelAndroid ID: A-135772851

pub. 2020-05-14
9.8
CVSS
CRITICAL
CVE-2018-8319

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.

pub. 2018-07-11
9.3
CVSS
CRITICAL
CVE-2024-23981

Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

pub. 2024-08-14
9.2
CVSS
CRITICAL
CVE-2026-44498

ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit (MAX_BLOCK_SIGOPS), allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block can split the network: Zebra nodes follow the offending chain while zcashd nodes do not. This issue has been patched in version 4.4.0.

pub. 2026-05-08
9.1
CVSS
CRITICAL
CVE-2022-23066

In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects both integrity and may cause serious availability problems.

pub. 2022-05-09
8.8
CVSS
HIGH
CVE-2023-35641

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

pub. 2023-12-12
8.8
CVSS
HIGH
CVE-2022-28048

STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.

pub. 2022-04-15
8.8
CVSS
HIGH
CVE-2021-45960

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).

pub. 2022-01-01
8.8
CVSS
HIGH
CVE-2020-0022

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715

pub. 2020-02-13
8.8
CVSS
HIGH
CVE-2019-19578

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level (i.e., L2 to L2, L3 to L3, and so on). XSA-240 introduced an additional restriction that limited the "depth" of such chains by allowing pages to either *point to* other pages of the same level, or *be pointed to* by other pages of the same level, but not both. To implement this, we keep track of the number of outstanding times a page points to or is pointed to another page table, to prevent both from happening at the same time. Unfortunately, the original commit introducing this reset this count when resuming validation of a partially-validated pagetable, incorrectly dropping some "linear_pt_entry" counts. If an attacker could engineer such a situation to occur, they might be able to make loops or other arbitrary chains of linear pagetables, as described in XSA-240. A malicious or buggy PV guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Privilege escalation and information leaks cannot be excluded. All versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Only systems which have enabled linear pagetables are vulnerable. Systems which have disabled linear pagetables, either by selecting CONFIG_PV_LINEAR_PT=n when building the hypervisor, or adding pv-linear-pt=false on the command-line, are not vulnerable.

pub. 2019-12-11
8.8
CVSS
HIGH
CVE-2019-5853

Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

pub. 2019-11-25
8.8
CVSS
HIGH
CVE-2019-16346

ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.

pub. 2019-09-16
8.8
CVSS
HIGH
CVE-2019-16347

ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.

pub. 2019-09-16
8.8
CVSS
HIGH
CVE-2017-13151

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.

pub. 2017-12-06
8.8
CVSS
HIGH
CVE-2017-12134

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.

pub. 2017-08-24
8.8
CVSS
HIGH
CVE-2017-12135

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.

pub. 2017-08-24
Showing 20 of 143 vulnerabilities
Information
ID: CWE-682
Type: Pillar
Vulnerabilities: 143
MITRE CWE ↗
← CWE Dictionary
CWE-682 — Incorrect Calculation | CWE Dictionary | CVEbaza.pl