4161 matches found
CVE-2025-2581
A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to addre...
CVE-2025-2581
CVE-2025-2581 affects xmedcon 0.25.0 (DICOM File Handler malloc) with an integer underflow that can be triggered remotely. The issue is mitigated by upgrading to a newer release; Fedora advisories and the initial CVE entry indicate upgrades to 0.25.3 (and 0.25.1 as a fix path) as the remediation....
PT-2025-12392 · Xmedcon +1
Name of the Vulnerable Software and Affected Versions: xmedcon version 0.25.0 Description: A problem has been detected in the malloc function of the DICOM File Handler component, leading to an integer underflow. This issue can be exploited remotely. Recommendations: For xmedcon version 0.25.0,...
CVE-2025-29913 CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the...
RLSA-2025:0312 Important: raptor2 security update
Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. Security Fixes: raptor: integer underflow when normalizing a URI with the turtle parser (CVE-2024-57823). For more details about the security issues, including th...
CVE-2024-10838
An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result in secret data or pointers revealing the layout of the address space to be included into a deserialized data structure, which may potentially lead to thread crashes ...
CVE-2024-10838
CVE-2024-10838 — Concrete details: The vulnerability affects Eclipse Cyclone DDS (DDS) and is due to an integer underflow in the DDS_Security_Deserialize_ methods during deserialization, which can enable an unauthenticated attacker to read out-of-bounds heap memory. The impact per documents incl...
CVE-2024-10838 Integer Underflow in DDS_Security_Deserialize_ methods may lead to OOB read
An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result in secret data or pointers revealing the layout of the address space to be included into a deserialized data structure, which may potentially lead to thread crashes ...
PT-2025-27975
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to an integer underflow that can occur when a device sends a specific input, leading to MMIO write access to an invalid page in the i40e_clear_hw function. This is...
Amazon Linux 2 : gstreamer1-plugins-good, --advisory ALAS2-2025-2776 (ALAS-2025-2776)
The version of gstreamer1-plugins-good installed on the remote host is prior to 1.18.4-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2776 advisory. GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detecte...
Important: gstreamer1-plugins-good
Issue Overview: GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This...
Linux Distros Unpatched Vulnerability : CVE-2024-23313
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially...
Linux Distros Unpatched Vulnerability : CVE-2024-47545
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux_parse_trak function within qtdemux....
Linux Distros Unpatched Vulnerability : CVE-2022-49563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer...
Linux Distros Unpatched Vulnerability : CVE-2015-4021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a...
Linux Distros Unpatched Vulnerability : CVE-2014-9087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a craft...
Linux Distros Unpatched Vulnerability : CVE-2017-6313
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service out-of-bounds read an...