4733 matches found
JLSEC-2026-150
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...
JLSEC-2026-152 In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote...
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-007393)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007393 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the...
MiniUPnP 安全漏洞
MiniUPnP is a set of UPnP tools developed by the Miniupnp project, which can be used in embedded systems. These tools enable devices in home and corporate networks to connect with each other. MiniUPnP has a security vulnerability, stemming from integer underflow in the parsing of SOAPAction...
PT-2026-33521
miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...
CVE-2026-40253
openCryptoki (PKCS#11 library) is affected in versions 3.26.0 and earlier due to BER/DER decoding in the shared asn1.c lacking a buffer length parameter and trusting BER lengths, enabling out-of-bounds reads when malformed BER objects are provided via C_CreateObject, C_UnwrapKey, token loading, o...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the ACK frame decoding. An attacker can gain elevated privileges by sending specially crafted network packets that trigger an integer underflow during frame parsing. Remediation Upgrade...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the ACK frame decoding. An attacker can gain elevated privileges by sending specially crafted network packets that trigger an integer underflow during frame parsing. Remediation Upgrade...
GHSA-GVVW-8J96-8G5R MsQuic has a Remote Elevation of Privilege Vulnerability
Summary Improper input validation in Microsoft QUIC allows an unauthorized attacker to elevate privileges over a network. Details Improper Input Validation Integer Underflow Wrap or Wraparound when decoding ACK frame. Patches - Fix underflow in ACK frame parsing - 1e6e999b Impact An attacker who...
MsQuic has a Remote Elevation of Privilege Vulnerability
Summary Improper input validation in Microsoft QUIC allows an unauthorized attacker to elevate privileges over a network. Details Improper Input Validation Integer Underflow Wrap or Wraparound when decoding ACK frame. Patches - Fix underflow in ACK frame parsing - 1e6e999b Impact An attacker who...
CVE-2026-27907
Integer underflow wrap or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...
EUVD-2026-22788
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
EUVD-2026-22790
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
SUSE SLES12 Security Update : strongswan (SUSE-SU-2026:1307-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1307-1 advisory. This update for strongswan fixes the following issue: - CVE-2026-25075: integer underflow when handling EAP-TTLS AVP bsc1259472. Tenable has extracted...
CVE-2026-27296
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27297
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27297
CVE-2026-27297 affects Adobe FrameMaker 2022.8 and earlier. The vulnerability is an Integer Underflow/Wrap or Wraparound in FrameMaker, potentially allowing arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. Affected ...
CVE-2026-27297 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27297 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27296
CVE-2026-27296 affects Adobe FrameMaker versions 2022.8 and earlier. A vulnerability in an Integer Underflow (wrap/wraparound) could lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file (user interaction) and is rated High ...