4902 matches found
CVE-2026-44251
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions 3.0.0 and above, prior to 4.14.5, a sizet integer underflow in oscrypto/shared/msgs.c:389 allows any enrolled Wazuh agent to crash the wazuh-remoted process on the manager, immediately...
CVE-2026-40955
CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40954
CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
EUVD-2026-44788
CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40955
CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40955 Integer underflow vulnerability in Secure Access clients
CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40955
CVE-2026-40955 describes an integer underflow in the traffic parsing function of Secure Access clients prior to 14.55. The vulnerability allows attackers with intimate knowledge of and total control over the tunnel protocol to cause a non-persistent Denial of Service against their client. Affecte...
EUVD-2026-44787
CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40954
CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40954 Integer underflow in Secure Access clients prior to 14.55
CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40954
The CVE-2026-40954 entry describes an integer underflow in the traffic parsing function of Secure Access clients prior to 14.55. The vulnerability can be exploited by attackers with intimate knowledge of and total control over the tunnel protocol to cause a non-persistent DoS against their client...
EUVD-2026-44519
CAI Content Credentials is affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not...
EUVD-2026-44525
CAI Content Credentials is affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not...
CVE-2026-48298
CAI Content Credentials is affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not...
CVE-2026-48296
CAI Content Credentials is affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not...
JLSEC-2026-686 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit...
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...
JLSEC-2026-741 Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash...
Integer underflow in wolfSSL packet sniffer = 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by sslDecodePacket. The underflow wraps a 16-bit length to a large valu...
JLSEC-2026-715 An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN)...
An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name SAN extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect...
JLSEC-2026-692 Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer...
Integer underflow in wolfSSL packet sniffer = 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by sslDecodePacket. The underflow wraps a 16-bit length to a large...
JLSEC-2026-708
Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving...