PT-2025-27305 · Ibm · Ibm Informix Dynamic Server

Name of the Vulnerable Software and Affected Versions: IBM Informix Dynamic Server versions 12.10, 14.10, and 15.0 Description: The issue allows a remote attacker to cause a denial of service due to an integer underflow when processing packets. Recommendations: For IBM Informix Dynamic Server...

PT-2025-27306 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment unit affected versions not specified Description: An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the...

IBM Informix Dynamic Server 数字错误漏洞

IBM Informix Dynamic Server IDS is a scalable object-relational database server from International Business Machines IBM that provides continuous data availability and disaster recovery, among other features, for clustered data centers. A numeric error vulnerability exists in IBM Informix Dynamic...

SUSE SLES15 Security Update : valkey (SUSE-SU-2025:01942-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01942-1 advisory. - CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804 - CVE-2025-49112: setDeferredReply integer...

CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

CVE-2025-52471

The CVE-2025-52471 affects ESP-IDF’s ESP-NOW protocol within the ESP-Wi‑Fi component for ESP-IDF versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6. Root cause: insufficient validation of the data_len parameter in the RX callback/data length handling leads to integer underflow, potentially causing out-of-bo...

CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47543: Fixed an out-of-bounds write in...

SUSE-SU-2025:00063-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: - CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 - CVE-2024-47543: Fixed an out-of-bounds write in...

PT-2025-26778

Name of the Vulnerable Software and Affected Versions: ESF-IDF versions 5.1.6, 5.2.5, 5.3.3, and 5.4.1 Description: An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of the ESP-IDF framework. This issue stems from...

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-1025)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1025 advisory. setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev-size - prev-used. CVE-2025-49112 Tenable has extracted the preceding description block directly from the teste...

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

Astra Linux – Vulnerability in libspf2

Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing o...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. An integer underflow was detected in the extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction of atomlength – 8 may result in an underflow if atomlength is less than 8. When this subtracti...

Astra Linux – Vulnerability in libsoup3, libsoup2.4

A flaw was discovered in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications for handling web communications. The issue arises when the library processes specially crafted multipart messages. Due to improper validation, an...

TencentOS Server 4: rapidjson (TSSA-2024:0415)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0415 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: gstreamer1 (TSSA-2024:1102)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1102 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 2: raptor2 (TSSA-2025:0097)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0097 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Security update for valkey

This update for valkey fixes the following issues: CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804 CVE-2025-49112: setDeferredReply integer underflow bsc1243913 CVE-2025-21605: Output buffer denial of service bsc1241708 Patch Instructions: To install this SUSE...