CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

Panic When Opening or Sealing on Export-Only Context

Constructing an HPKE Context with the AEAD algorithm set to HpkeExport resulted in a panic when calling Context::seal, or Context::open. This was due to an underflowing integer subtraction when calculating the length of a vector allocation for the AEAD nonce, which would panic on its own in debug...

Linux Distros Unpatched Vulnerability : CVE-2023-54284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: av7110: prevent underflow in writetstodecoder The buf4 value comes from the user via tsplay. It is a value in the u8 range. The final length we pass to...

OESA-2025-2590 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

EUVD-2022-55037

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3 and the final D value calculated results in underflow errors. As the curren...

CVE-2023-53177 media: hi846: fix usage of pm_runtime_get_if_in_use()

In the Linux kernel, the following vulnerability has been resolved: media: hi846: fix usage of pmruntimegetifinuse pmruntimegetifinuse does not only return nonzero values when the device is in use, it can return a negative errno too. And especially during resuming from system suspend, when runtim...

CVE-2022-50048

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: possible module reference underflow in error path dst-ops is set on when nftexprclone fails, but module refcount has not been bumped yet, therefore nftexprdestroy leads to module reference underflow...

CVE-2022-49189

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3 and the final D value calculated results in underflow errors. As the curren...

D.O.S due to wrong scaling factor

Lines of code Vulnerability details Impact The cNote token which is a fork of the CToken contract has a scaling method used to handle the exchange rate between CToken and the underlying token. This method helps scale the exchange rate because solidity doesn't handle fixed-point decimals. The...

The owner of the asD contract (i.e. the creator) can not withdraw the accrued interest

Lines of code Vulnerability details Impact The asD.withdrawCarry function will always throw an error for all normal totalSupply values due to inappropriate scale factor. So the creator can withdraw the accrued interest only after all users will burn their asD tokens. Proof of Concept The scale...

kernel: drm/amd/display: fix FCLK pstate change underflow

A calculation flaw was found in the AMD display driver in the Linux kernel. When UCLK p-state is not supported, FCLK p-state change watermarks are incorrectly calculated using dummy values, potentially causing underflow. This can lead to display issues or system instability during power state...

Wrong Accruing executed in VaultBooster.sol

Lines of code Vulnerability details Impact Accounting error in accruing at VaultBooster.sol will cause unexpected problems in VaultBooster.sol contract. Proof of Concept The accrue function of VaultBooster.sol at : does not check whether the return variable of computeAvailabletokenOut i.e.,...

Missing Validation which could cause Underflow Error

Lines of code Vulnerability details Impact Two instances of Missing Validation which could cause Underflow Error are spotted at L194 and L593 of NFTBoostVault.sol contract, from L194 there is no check to validate that oldDelegateeVotes is greater than registration.latestVotingPower and from L593...

It is not possible to create or execute new extraordinary proposals after 10 funded Extraordinary Proposals

Lines of code Vulnerability details Impact With each executed offer, the value of getMinimumThresholdPercentage increases, resulting in the fact that when trying to create a new proposal or execute existing, getMinimumThresholdPercentage exceeds 1e18 and we catch an underflow error via...

Incorrect calculation of the remaining updatedRewards leads to possible underflow error

Lines of code Vulnerability details Impact RewardsManage.sol keeps track of the total number of rewards collected per epoch for all pools: File: 2023-05-ajna\ajna-core\src\RewardsManager.sol 73: /// @dev epoch = rewards claimed mapping. 74: mappinguint256 = uint256 public override rewardsClaimed;...

Upgraded Q -> 2 from #836 [1675451857205]

Judge has assessed an item in Issue 836 as 2 risk. The relevant finding follows: Underflow error when redeeming to 0 after minting some rewards --- The text was updated successfully, but these errors were encountered: All reactions...

updateBaseRate and getBorrowRate will always revert if Note/gUSDC TWAP is above 1

Lines of code Vulnerability details Impact updateBaseRate will revert if Note/gUSDC TWAP is above 1 causing all dependent functions to revert as well Proof of Concept If twapMantissa is greater than 1 then L147 will revert due to underflow error Tools Used Recommended Mitigation Steps It seems th...

StakerVault.unstake(), StakerVault.unstakeFor() would revert with a uint underflow error of StakerVault.strategiesTotalStaked, StakerVault._poolTotalStaked.

Lines of code Vulnerability details Impact StakerVault.unstake, StakerVault.unstakeFor would revert with a uint underflow error of StakerVault.strategiesTotalStaked, StakerVault.poolTotalStaked. Proof of Concept Currently it saves totalStaked for strategies and non-strategies separately. uint...

DEBIAN-CVE-2019-14532

An issue was discovered in The Sleuth Kit TSK 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table...

Ubuntu: Security Advisory (USN-2667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...