CVE-2024-50596

CVE-2024-50596 concerns STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. The NetX Duo Web Component HTTP Server (nx_web_http_server.c) has an integer underflow in the HTTP PUT path that can cause a denial of service by writing an excessively large file. TALOS-2024-2103 documents the vulnerability in th...

STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2103 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50596,CVE-2024-50597 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...

STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2102 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50594,CVE-2024-50595 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...

PT-2025-14503 · Netx Duo +1 · Netx Duo +1

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 Description: An integer underflow issue exists in the HTTP server's PUT request functionality, which can lead to denial of service. This is due to the NetX Duo Component HTTP Server...

PT-2025-14505 · Stmicroelectronics · Stmicroelectronics X-Cube-Azrtos-Wl

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 Description: An integer underflow issue exists in the HTTP server's PUT request functionality, which can be triggered by a specially crafted network packet, leading to denial of service. This...

PT-2025-14504 · Stmicroelectronics +1 · X-Cube-Azrtos-Wl +1

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 Description: An integer underflow vulnerability exists in the HTTP server PUT request functionality. A specially crafted network packet can lead to denial of service. This issue affects the Ne...

CVE-2023-52979

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2023-52979

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2023-52979

The CVE-2023-52979 entry maps to a Linux kernel vulnerability in squashfs_read_xattr_id_table. When mounting a corrupted filesystem, a signed integer *xattr_ids can become negative, causing incorrect computation of len and indexes, which can lead to a null-pointer dereference in copy_bio_to_actor...

CVE-2023-52979

Removed by vendor...

CVE-2025-2581

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to addre...

CVE-2025-2581

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to addre...

CVE-2025-2581 xmedcon DICOM File malloc integer underflow

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to addre...

CVE-2025-2581

CVE-2025-2581 affects xmedcon 0.25.0 (DICOM File Handler malloc) with an integer underflow that can be triggered remotely. The issue is mitigated by upgrading to a newer release; Fedora advisories and the initial CVE entry indicate upgrades to 0.25.3 (and 0.25.1 as a fix path) as the remediation....

CVE-2025-2581

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to addre...

PT-2025-12392 · Xmedcon +1 · Xmedcon +1

Name of the Vulnerable Software and Affected Versions: xmedcon version 0.25.0 Description: A problem has been detected in the malloc function of the DICOM File Handler component, leading to an integer underflow. This issue can be exploited remotely. Recommendations: For xmedcon version 0.25.0,...

CVE-2025-29913 CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

CVE-2025-29913 CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

CVE-2025-29912 CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the...

raptor2 security update

An update is available for raptor2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Raptor is the RDF Parser Toolkit for Redland that provides a set of standalon...