NewStart CGSL MAIN 7.02 : gstreamer1-plugins-good Multiple Vulnerabilities (NS-SA-2025-0174)

The remote NewStart CGSL host, running version MAIN 7.02, has gstreamer1-plugins-good packages installed that are affected by multiple vulnerabilities: - GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function...

Adobe Illustrator Numeric Error Vulnerability (CNVD-2025-16549)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A numeric error vulnerability exists in Adobe Illustrator that originates from an integer underflow and can be exploited by an attacker to cause arbitrary code to be executed...

CVE-2025-41237

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI Virtual Machine Communication Interface that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX...

Adobe Framemaker Integer Overflow Vulnerability

Adobe FrameMaker is a powerful tool for creating complex technical documentation and publishing it to a variety of delivery channels. An integer underflow vulnerability exists in Adobe Framemaker versions 2020.8, 2022.6 and earlier. An attacker can exploit this vulnerability to execute arbitrary...

VMware ESXi 7.x < 7.0 Update 3w / 8.x < 8.0 Update 2e / 8.0 Update 3 < 8.0 Update 3f (VMSA-2025-0013)

The version of VMware ESXi installed on the remote host is 7.x prior to 7.0 Update 3w, 8.x prior to 8.0 Update 2e, or 8.0 Update 3 prior to 8.0 Update 3f. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0013 advisory: - VMware ESXi, Workstation, and Fusion...

CVE-2025-41237

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI Virtual Machine Communication Interface that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX...

CVE-2025-41237

CVE-2025-41237 describes an integer-underflow in the VMCI component of VMware ESXi, Workstation, and Fusion that can cause an out-of-bounds write. A local attacker with VM-level admin privileges may execute code as the VMX process on the host; exploitation is contained within the VMX sandbox on E...

CVE-2025-41237 VMCI integer-underflow vulnerability

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI Virtual Machine Communication Interface that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX...

CVE-2025-41237 VMCI integer-underflow vulnerability

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI Virtual Machine Communication Interface that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX...

PT-2025-29585

Name of the Vulnerable Software and Affected Versions VMware ESXi, Workstation, and Fusion affected versions not specified Description The software contains an integer-underflow in VMCI Virtual Machine Communication Interface that leads to an out-of-bounds write. A malicious actor with local...

CVE-2025-3947

The Honeywell Experion PKS contains an Integer Underflow vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in improper integer data value checking during subtraction leading to a...

CVE-2025-2523

The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in a failure during subtraction allowi...

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow

...

CVE-2025-47097

InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-47128

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-47130

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-47136

InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-49532

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-3947

The Honeywell Experion PKS contains an Integer Underflow vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in improper integer data value checking during subtraction leading to a...

CVE-2025-2523

The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in a failure during subtraction allowi...