4773 matches found
ALSA-2025:8132 Important: libsoup security update
The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server CVE-2025-32049 libsoup: OOB Read on libsoup through function...
Important: libsoup security update
The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server CVE-2025-32049 libsoup: OOB Read on libsoup through function...
Important: libsoup security update
The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server CVE-2025-32049 libsoup: OOB Read on libsoup through function...
AlmaLinux 9 : libsoup (ALSA-2025:8126)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:8126 advisory. libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server...
RHEL 9 : libsoup (RHSA-2025:8140)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8140 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in...
AlmaLinux 8 : libsoup (ALSA-2025:8132)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:8132 advisory. libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server...
CVE-2025-20128
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
CVE-2024-52558
The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program...
CVE-2024-56375
An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a Manifest RPKI object containing an empty fileList. Fort dereferences and, shortly afterwards, writes to this array during a...
CVE-2024-20474
A vulnerability in Internet Key Exchange version 2 IKEv2 processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this...
CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length...
CVE-2023-22308
An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-21375
In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-21685
Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664, a bug in Frontier's MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds and...
CVE-2022-20073
In preloader usb, there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...
CVE-2021-25849
An integer underflow was discovered in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, improper validation of the PortID TLV leads to Denial of Service via a crafted lldp packet...
CVE-2021-43083
Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...
CVE-2021-1919
Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2021-33315
The TRENDnet TI-PG1284i switchhw v2.0R prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer...
CVE-2021-28027
An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block...