Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lock range check in ksmbd when size equals isize could result in an integer underflow...

MiracleLinux 7 : libsoup-2.62.2-2.0.5.0.1.el7.AXS7 (AXSA:2025-11110:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11110:15 advisory. CVE-2025-4948: fix integer underflow in soupmultipartnewfrommessage CVE-2025-32049: fix Denial of Service attack to websocket server CVE-2025-32914...

MiracleLinux 8 : webkit2gtk3-2.50.3-1.el8_10.ML.1 (AXSA:2025-11507:20)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11507:20 advisory. webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing...

Linux Distros Unpatched Vulnerability : CVE-2025-68799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 fr...

MiracleLinux 7 : gstreamer1-1.10.4-2.0.1.el7.AXS7 (AXSA:2025-11534:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11534:07 advisory. CVE-2024-47606: allocator: avoid integer overflow when allocating sysmem Fix documentation build with the newer gtk-doc CVEs: CVE-2024-47606 GStreamer is a...

CVE-2021-41821

Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager...

CVE-2021-33316

The TRENDnet TI-PG1284i switchhw v2.0R prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer...

CVE-2021-28362

An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked with respec...

CVE-2021-22379

There is an Integer Underflow Wrap or Wraparound Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr...

CVE-2019-2245

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...

CVE-2019-2187

In nfcncifdecoderfparams of nfcncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1...

CVE-2019-20590

An issue was discovered on Samsung mobile devices with O8.x Qualcomm chipsets software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 July 2019...

CVE-2020-24837

An integer underflow has been found in the latest version of ZCFees. The variables 'currPeriodIdx' and 'lastPeriodExecIdx' are both unsigned integers, and the result of the minus operation may be a negative integer which leads to an underflow. The attackers can modify the current timestamp of the...

Siemens SCALANCE, Ruggedcom ROX Integer Underflow (Wrap or Wraparound) (CVE-2022-2639)

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

CVE-2022-27492

An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file...

CVE-2019-16160

An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service...

CVE-2025-1991

IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets...

CVE-2025-10933

An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol Controller can lead to out of bounds memory reads...

CVE-2026-21489

CVE-2026-21489 (iccDEV) affects iccDEV libraries, versions 2.3.1.1 and earlier. The vulnerability is an Out-of-bounds Read and an Integer Underflow (Wrap or Wraparound) in the CIccCalculatorFunc::SequenceNeedTempReset function. Public descriptions across NVD, Red Hat, NVD, CVE lists and other fee...

CVE-2026-21489 iccDEV has Out-of-bounds Read and Integer Underflow (Wrap or Wraparound)

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have Out-of-bounds Read and Integer Underflow Wrap or Wraparound vulnerabilities in its CIccCalculatorFunc::SequenceNeedTempReset function. This issue is fixed in version 2.3.1....