4765 matches found
PT-2026-21477
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...
PT-2026-25334
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. An integer underflow exists in the update read cache bitmap order function within FreeRDP's Core Library. Recommendations Update to...
PT-2026-25617
Name of the Vulnerable Software and Affected Versions libexif versions through 0.6.25 Description The software contains a flaw in decoding MakerNotes. Specifically, an integer underflow occurs within the exif mnote data get value function when it receives a size of 0, leading to a buffer overwrit...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992801)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992801 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiexprocessmgmtpacket,...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992850)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992850 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c The missing...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992168)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992168 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiexprocessmgmtpacket,...
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
CVE-2025-65562
The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID e.g., 0xFFFFFFFFFFFFFFFF that causes an integer conversion/underflow in LocalNode.DeleteSess /...
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
free5GC 安全漏洞
free5GC is a 5th Generation 5G mobile core network open source project by free5GC Open Source. A security vulnerability exists in free5GC that stems from a lack of bounds checking when processing PFCP session deletion requests, which could lead to integer underflow and denial of service...
CVE-2025-65562
The CVE-2025-65562 issue affects the free5GC UPF component, where a lack of bounds checking on the SEID during PFCP Session Deletion requests can trigger a Go runtime panic and denial of service. Specifically, processing a very large SEID (for example, 0xFFFFFFFFFFFFFFFF) can cause an integer con...
CLSA-2025-1765986482 webkit2gtk3: Fix of 4 CVEs
CVE-2025-13502: fix out of bounds read and integer underflow by adding bounds checking and validating message delimiters - CVE-2025-43430: fix bbq jit compiler writing to wrong stack slots in wasm try/catch blocks - CVE-2025-43421: fix memory handling issues that cause unexpected process crashes...
kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets
A flaw out of bounds read in the Linux kernel Marvell mwifiex driver was found in the way user sends malicious Wi-Fi packets. A remote user with Wi-Fi connection could use this flaw to crash the system...
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets
A flaw out of bounds read in the Linux kernel Marvell mwifiex driver was found in the way user sends malicious Wi-Fi packets. A remote user with Wi-Fi connection could use this flaw to crash the system...
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
CVE-2025-62567
Integer underflow wrap or wraparound in Windows Hyper-V allows an authorized attacker to deny service over a network...