4763 matches found
SumatraPDF numerical error vulnerability
SumatraPDF is an open-source PDF reader developed by SumatraPDF Reader. SumatraPDF has a numerical error vulnerability; this vulnerability stems from handling specially crafted Mobi files, where a single mistake or integer underflow can lead to out-of-bounds heap access and application crashes...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38200)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38200 advisory. - In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invali...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
CVE-2024-38063 — Windows IPv6 Stack Vulnerability Analysis &...
MiracleLinux 9 : edk2-20231122-6.el9 (AXSA:2024-8102:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8102:05 advisory. edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer overflow in...
MiracleLinux 7 : kernel-3.10.0-1160.108.1.el7 (AXSA:2024-7470:05)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7470:05 advisory. kernel: netfilter: potential slab-out-of-bound access due to integer underflow CVE-2023-42753 Tenable has extracted the preceding description block directly...
gpsd security update
1:3.26.1-1.0.1.el101.1 - Replace upstream reference Orabug: 37033219 1:3.26.1-1.el101.1 - fix buffer overflow in NMEA2000 driver CVE-2025-67268 - fix integer underflow in handling of Navcom packets CVE-2025-67269...
MiracleLinux 7 : xorg-x11-server-1.20.4-16.el7 (AXSA:2021-1756:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1756:02 advisory. xorg-x11-server: XChangeFeedbackControl integer underflow leads to privilege escalation CVE-2021-3472 Tenable has extracted the preceding description block...
Debian dla-4441 : gpsd - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4441 advisory. Subject: SECURITY DLA 4441-1 gpsd security update Debia...
CVE-2025-62291
A flaw was found in the strongSwan eap-mschapv2 plugin client-side. A remote attacker, specifically a malicious Extensible Authentication Protocol - Microsoft Challenge-Handshake Authentication Protocol version 2 (EAP-MSCHAPv2) server, could exploit this by sending a specially crafted message betwe...
CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
AZL-74660 CVE-2025-62291 affecting package strongswan for versions less than 5.9.14-8
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
ALPINE-CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
MiracleLinux 3 : xorg-x11-server-1.1.1-48.101.3.0.1.AXS3 (AXSA:2014-286:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-286:01 advisory. X.Org X11 X server Security issues fixed with this release: CVE-2013-6424 Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001179)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001179 advisory. The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information in the dmesg...
caif: fix integer underflow in cffrml_receive()
...
SUSE CVE-2025-68799
In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrml_receive() The cffrml_receive() function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len >= 2. If an attacker sends ...