Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the Chunk process when handling files with a samplesperchunk value of zero. An attacker can cause a segmentation fault and denial of service by providing a specially crafted HEIF file that triggers an unsigned...

UBUNTU-CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

modsecurity3 -- multiple vulnerabilities

ModSecurity is an open source web application firewall engine. According to the upstream changelog, multiple vulnerabilities have been fixed. CVE-2026-42268: unsigned integer underflow in verify operators CVE-2026-30923: buffer overflow in hexdecode...

ImageMagick < 7.1.2-8 DoS (GHSA-wpp4-vqfq-v4hp)

The remote host has a version of ImageMagick installed that is prior to prior to 7.1.2-8. It is, therefore, affected by denial of service vulnerability as referenced in GHSA-wpp4-vqfq-v4hp advisory. - ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick...

EUVD-2016-1559

Malware in sbrugna...

EUVD-2017-18152

Malware in sbrugna...

EUVD-2018-17619

Malware in sbrugna...

EUVD-2021-30036

Malicious code in bioql PyPI...

EUVD-2024-52825

Malicious code in bioql PyPI...

CVE-2018-5852

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4nat'...

CVE-2025-29912 CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the...

CVE-2018-5852 Buffer Over-read in IPA

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4nat'...

CVE-2018-5852 Buffer Over-read in IPA

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4nat'...

RHEL 6 : openvswitch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openvswitch: Buffer over-read while parsing the group mod OpenFlow message CVE-2017-9265 - In Open vSwitc...

RHEL 7 : rh-php72-php (RHSA-2019:3299)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3299 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later...

libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c

A flaw was found in libtiff's tiffcrop utility that has a uint32t underflow that can lead to an out-of-bounds read and write. This flaw allows an attacker who supplies a crafted file to tiffcrop likely via tricking a user to run tiffcrop on it with certain parametersto cause a crash or, in some...

CVE-2021-43083

Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...

Integer overflow

Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...

CVE-2021-43083 Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response

Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...

gd: Unsigned integer underflow _gdContributionsAlloc()

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...