4763 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from integer underflow that may occur during calculations involving nblocks, potentially leading to...
PT-2026-14: Integer underflow leads to Remote Code Execution in Yokogawa Centum VP
The vulnerability was identified in Centum VP, versions R1.07.00 or earlier. The discovered vulnerability allows an attacker to achieve remote code execution via an integer underflow that lets malicious input manipulate internal calculations and trigger execution of the code. Vulnerability status...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the process when handling zero-length resources. An attacker can access sensitive information or cause a denial of service by submitting specially crafted content. Remediation A fix was pushed in...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: raptor2 (UTSA-2026-005330)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005330 advisory. In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath. Tenable has...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: raptor2 (UTSA-2026-005274)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005274 advisory. In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath. Tenable has...
CVE-2026-25532
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
CVE-2026-25532
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
CVE-2026-25532
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
CVE-2026-25532 ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
CVE-2026-25532
CVE-2026-25532 affects Espressif ESP-IDF WPS Enrollee in versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6. A malformed EAP-WSC packet with truncated payload can trigger an integer underflow during fragment length calculation, when processing EAP-Expanded (WSC) messages. The frag_len calculation sub...
CVE-2026-25532 ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
Espressif ESP-IDF 数字错误漏洞
Espressif ESP-IDF is an IoT development framework developed by Espressif, a Chinese company. Versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6 of Espressif ESP-IDF contain numerical error vulnerabilities. These vulnerabilities stem from integer underflow during the processing ofEAP-WSC packets in th...
PT-2026-6314
Name of the Vulnerable Software and Affected Versions Espressif Internet of Things IOT Development Framework versions 5.1.6 through 5.5.2 Description The Espressif Internet of Things IOT Development Framework contains a flaw in the WPS Wi-Fi Protected Setup Enrollee implementation. Malformed...
Updated gpsd packages fix security vulnerabilities
gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...
CVE-2026-23567
CVE-2026-23567 affects the TeamViewer DEX Client (Content Distribution Service, NomadBranch.exe) on Windows, prior to version 26.1. The issue is an integer underflow in the UDP command handler that can trigger a heap-based buffer overflow, leading to a denial-of-service (service crash) when proce...
curl: Integer Underflow in src/var.c
Summary: A potential Integer Underflow vulnerability was identified in the setvariable function within src/var.c. the flaw occurs during the calculation of the variable content length clen when a byte range is specified. specifically, the code fails to validate if startoffset is greater than...
CVE-2026-23951 SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash
SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...
CVE-2026-23951 SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash
SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...
CVE-2026-23951
SumatraPDF is affected by an off-by-one error in PalmDbReader::GetRecord when opening crafted Mobi files, triggering only with exactly 2 records and causing an integer underflow in the size calculation. This leads to an out-of-bounds heap read that crashes the application. The CVE notes indicate ...
CVE-2026-23951 SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash
SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...