CVE-2025-52497

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemreadbuffer and two mbedtlspkparse functions, via untrusted PEM input...

CVE-2025-52497

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemreadbuffer and two mbedtlspkparse functions, via untrusted PEM input...

CVE-2025-52497

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemreadbuffer and two mbedtlspkparse functions, via untrusted PEM input...

CVE-2025-52497

CVE-2025-52497 affects Mbed TLS before 3.6.4. The issue is a one-byte heap-based buffer underflow in PEM parsing (mbedtls_pem_read_buffer) and in two mbedtls_pk_parse functions when handling untrusted PEM input. Base CVSS v3.1 score is 4.8 (Network attack, High complexity, No privileges, No user ...

CVE-2025-52497

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemreadbuffer and two mbedtlspkparse functions, via untrusted PEM input...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : glib2 (SUSE-SU-2025:02167-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02167-1 advisory. - CVE-2025-6052: Fixed integer overflow in gstringmaybeexpand leads to potential buffer overflo...

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-6052: Fixed integer overflow in gstringmaybeexpand leads to potential buffer overflow in GString bsc1244596. CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via function gstringinsertunichar bsc1242844. Patch Instructions: To...

SUSE-SU-2025:02167-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2025-6052: Fixed integer overflow in gstringmaybeexpand leads to potential buffer overflow in GString bsc1244596. - CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via function gstringinsertunichar bsc1242844...

PT-2025-28011

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions prior to 3.6.4 Description: The issue is related to a PEM parsing one-byte heap-based buffer underflow in Mbed TLS, specifically in the mbedtls pem read buffer and two mbedtls pk parse functions. This occurs when the softwar...

Mageia: Security Advisory (MGASA-2025-0173)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated glib2.0 packages fix security vulnerability

Buffer underflow on glib through glib/gstring.c via function gstringinsertunichar. CVE-2025-4373...

MGASA-2025-0173 Updated glib2.0 packages fix security vulnerability

Buffer underflow on glib through glib/gstring.c via function gstringinsertunichar. CVE-2025-4373...

CVE-2024-22955

swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576...

CVE-2024-22911

A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602...

CVE-2024-22562

swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dictforeachkeyvalue at swftools/lib/q.c...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2023-24551

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute...

CVE-2021-1916

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2017-9203

imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service buffer underflow via a crafted image, related to imagew-bmp.c...

CVE-2019-3563

Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. This affects versions of Wangle prior to v2019.04.22.00...