PT-2025-27305 · Ibm · Ibm Informix Dynamic Server

Name of the Vulnerable Software and Affected Versions: IBM Informix Dynamic Server versions 12.10, 14.10, and 15.0 Description: The issue allows a remote attacker to cause a denial of service due to an integer underflow when processing packets. Recommendations: For IBM Informix Dynamic Server...

PT-2025-27306 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment unit affected versions not specified Description: An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the...

SUSE SLES15 Security Update : valkey (SUSE-SU-2025:01942-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01942-1 advisory. - CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804 - CVE-2025-49112: setDeferredReply integer...

CVE-2025-52471

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

CVE-2025-52471

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

CVE-2025-52471

The CVE-2025-52471 affects ESP-IDF’s ESP-NOW protocol within the ESP-Wi‑Fi component for ESP-IDF versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6. Root cause: insufficient validation of the data_len parameter in the RX callback/data length handling leads to integer underflow, potentially causing out-of-bo...

CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47543: Fixed an out-of-bounds write in...

SUSE-SU-2025:00063-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: - CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 - CVE-2024-47543: Fixed an out-of-bounds write in...

ESP-IDF 数字错误漏洞

ESP-IDF is an Espressif open source development framework for Espressif SoCs supported on Windows, Linux and macOS. A numeric error vulnerability exists in ESP-IDF versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6, which stems from an integer underflow in the ESP-NOW protocol implementation that could lead...

PT-2025-26778

Name of the Vulnerable Software and Affected Versions: ESF-IDF versions 5.1.6, 5.2.5, 5.3.3, and 5.4.1 Description: An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of the ESP-IDF framework. This issue stems from...

Low: valkey

Issue Overview: setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev-size - prev-used. CVE-2025-49112 Affected Packages: valkey Issue Correction: Run dnf update valkey --releasever 2023.7.20250623 to update your system. New Packages: aarch64: ...

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-1025)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1025 advisory. setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev-size - prev-used. CVE-2025-49112 Tenable has extracted the preceding description block directly from the teste...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

Astra Linux – Vulnerability in libspf2

Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing o...

Astra Linux – Vulnerability in libsoup3, libsoup2.4

A flaw was discovered in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications for handling web communications. The issue arises when the library processes specially crafted multipart messages. Due to improper validation, an...

TencentOS Server 2: raptor2 (TSSA-2025:0097)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0097 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...