UBUNTU-CVE-2025-13502

A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...

CVE-2025-13502 Webkit: webkitgtk / wpe webkit: out-of-bounds read and integer underflow vulnerability leading to dos

A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...

CVE-2025-13502 Webkit: webkitgtk / wpe webkit: out-of-bounds read and integer underflow vulnerability leading to dos

A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...

CVE-2025-13502

CVE-2025-13502 affects WebKitGTK and WPE WebKit, enabling an out-of-bounds read and integer underflow that can crash UIProcess (DoS) via a crafted payload to the GLib remote inspector server. Multiple connected advisories document this flaw and its remediation, with openSUSE/SUSE updates citing t...

CVE-2025-13502

A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...

EUVD-2025-199556

A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...

CVE-2025-13502

A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...

EUVD-2025-199561

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security...

CVE-2025-59368

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security...

CVE-2025-59368

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security...

CVE-2025-59368

CVE-2025-59368 affects ASUS Router (Aicloud component). It is described as an integer underflow vulnerability where an authenticated attacker can trigger it by sending a crafted request, potentially impacting device availability. CVSS v4.0 indicates a MEDIUM severity (6.0) with network attack vec...

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

...

ASUS Router 安全漏洞

ASUS Router is a router product and accompanying management application from ASUS, primarily used for wireless connectivity and management of home and business networks. An integer underflow vulnerability exists in ASUS Router, which can be exploited by an attacker to cause the availability of th...

PT-2025-48018

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security...

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

UBUNTU-CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

CVE-2025-11931

The set of connected documents confirms this CVE affects wolfSSL’s XChaCha20-Poly1305 code, specifically the wc_XChaCha20Poly1305_Decrypt() function. The root cause is an integer underflow that can lead to out-of-bounds access when decrypting, and this path is taken from direct application calls ...

CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...